main
CI / validate (push) Successful in 25s
molecule-compliance
OWASP Top 10 for Agentic Applications (Dec 2025) compliance enforcement. Wraps builtin_tools/compliance.py — prompt-injection detection/blocking and excessive-agency limits (max tool calls + task duration).
How it works
Two enforcement modes:
Prompt injection detection
Scans user prompts for injection patterns (embedded instructions, role-playing attacks, context injection). Matches are blocked or flagged based on workspace config.
Excessive agency limits
Configurable caps on:
- Maximum tool calls per task (
max_tool_calls) - Maximum task duration in seconds (
max_task_duration_s)
Breaches trigger a pause and human review request.
Install
In org template (org.yaml)
plugins:
- molecule-compliance
From URL (community install)
github://Molecule-AI/molecule-ai-plugin-molecule-compliance
Configuration
In workspace config.yaml:
compliance:
injection_mode: block # or: warn
max_tool_calls: 50
max_task_duration_s: 600
Runtimes
langgraph— primaryclaude_code— supporteddeepagents— supported
Skills
owasp-agentic— agent-side guidance on OWASP Top 10 risks and mitigation patterns
Architecture
skills/
owasp-agentic/
SKILL.md # Agent-side guidance on OWASP compliance gates
adapters/
claude_code.py # Installs skill via AgentskillsAdaptor; compliance hooks run as
# pre-call gate inside the skill loader, not agent-callable tools
Known issues
See known-issues.md.
License
Business Source License 1.1 — © Molecule AI.
Description
Languages
Python
100%