feat: add macOS and Windows GHA runners support (#16)

update action to use the latest version of cagent (#14)

Merged: 2025-11-13 09:53:20

Update cagent version and replace 'run --tui=false' with 'exec' (#11)

Merged: 2025-11-12 16:55:54

Initial release of cagent-action

A GitHub Action for running CAgent AI agents in CI/CD workflows with built-in security hardening and comprehensive prompt injection protection.

Key Features:
- Download and execute CAgent agents from Docker Hub or local paths
- Optional MCP Gateway integration for containerized MCP servers
- Multi-provider AI model support (Anthropic, OpenAI, Google)
- Interactive TUI mode and YOLO mode for auto-approval
- Binary caching for faster workflow execution

Security Features:
- Input sanitization with 45 HIGH-RISK and 4 MEDIUM-RISK pattern detection
- Comment removal from diffs to prevent hidden prompt injection
- Output scanning for leaked secrets (API keys, tokens)
- Automatic incident response with security issue creation
- Authorization checks for PR author permissions
- Comprehensive test suite (13 security + 6 exploit tests)

Co-authored-by: Derek Misler <[email protected]>
Co-authored-by: Jean-Laurent de Morlhon <[email protected]>