Skip to content

feat: add MaybeDontAnalyzer security analyzer#2142

Open
robotdan wants to merge 4 commits intoOpenHands:mainfrom
maybedont:degroff/maybedont-analyzer
Open

feat: add MaybeDontAnalyzer security analyzer#2142
robotdan wants to merge 4 commits intoOpenHands:mainfrom
maybedont:degroff/maybedont-analyzer

Conversation

@robotdan
Copy link

@robotdan robotdan commented Feb 20, 2026
edited
Loading

Summary

Adds MaybeDontAnalyzer, a new SecurityAnalyzerBase implementation that validates agent actions against policy rules configured in a Maybe Don't Gateway instance.

  • Calls the gateway's POST /api/v1/action/validate endpoint before action execution
  • Maps ActionEvent fields (tool_name, tool_call.arguments, thought, summary) to the gateway's request format
  • Maps the gateway's risk_level response directly to SecurityRisk (HIGH/MEDIUM/LOW/UNKNOWN)
  • Graceful degradation: all errors (timeout, unreachable, 500, invalid JSON) return UNKNOWN
  • Follows the GraySwan analyzer patterns: Pydantic fields, lazy httpx client, model_post_init env var resolution, set_events/close lifecycle

How it fits with existing integrations

Layer What Covers
Security Analyzer (this PR) Pre-execution validation via REST endpoint ALL actions: shell commands, file ops, browser, tool calls
MCP Proxy (existing docs) Execution-time validation + proxying Only MCP tool calls routed through the gateway

MaybeDont doc for OpenHands

Configuration

from openhands.sdk.security.maybedont import MaybeDontAnalyzer

analyzer = MaybeDontAnalyzer()  # defaults to http://localhost:8080
# or
analyzer = MaybeDontAnalyzer(gateway_url="http://my-gateway:8080")
# or via env var
# MAYBE_DONT_GATEWAY_URL=http://my-gateway:8080

Files

File Purpose
openhands-sdk/openhands/sdk/security/maybedont/analyzer.py MaybeDontAnalyzer class
openhands-sdk/openhands/sdk/security/maybedont/__init__.py Package export
openhands-sdk/openhands/sdk/security/__init__.py Added to module __all__
tests/sdk/security/maybedont/test_maybedont_analyzer.py 41 unit tests
examples/01_standalone_sdk/40_maybedont_security_analyzer.py Usage example

Related

Test plan

  • uv run pytest tests/sdk/security/maybedont/ -v — 41 tests pass
  • uv run pytest tests/sdk/security/ -v — 119 tests pass (no regressions)
  • make format && make lint — clean
  • Integration tested against a live Maybe Don't Gateway (CEL deny rule for rm -rf → HIGH, safe commands → LOW)

🤖 Generated with Claude Code

@claude
feat: add MaybeDontAnalyzer security analyzer
8a7afa1 
Implements a SecurityAnalyzerBase that validates agent actions against
policy rules configured in a Maybe Don't Gateway instance. Calls the
gateway's POST /api/v1/action/validate endpoint and maps the response
risk_level directly to SecurityRisk.

- MaybeDontAnalyzer class following GraySwan patterns
- 41 tests covering init, request building, risk mapping, error handling,
  HTTP lifecycle, and end-to-end security_risk flow
- Example script (40_maybedont_security_analyzer.py)
- Exported from openhands.sdk.security module

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@robotdan robotdan mentioned this pull request Feb 20, 2026
Open
4 tasks
@claude
fix: Docker example in docstring that won't start
868df36 
- Add MAYBE_DONT_SERVER_LISTEN_ADDR=0.0.0.0:8080 (127.0.0.1 unreachable from host)
- Disable AI validation and audit report (require OpenAI API key)
- Match Docker command to docs PR (OpenHands/docs#350)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@all-hands-bot all-hands-bot requested a review from rbren February 25, 2026 12:30
@all-hands-bot
Copy link
Collaborator

all-hands-bot commented Feb 25, 2026

[Automatic Post]: I have assigned @rbren as a reviewer based on git blame information. Thanks in advance for the help!

@all-hands-bot
Copy link
Collaborator

all-hands-bot commented Mar 2, 2026

[Automatic Post]: This PR seems to be currently waiting for review. @rbren, could you please take a look when you have a chance?

@all-hands-bot
Copy link
Collaborator

all-hands-bot commented Mar 8, 2026

[Automatic Post]: It has been a while since there was any activity on this PR. @robotdan, are you still working on it? If so, please go ahead, if not then please request review, close it, or request that someone else follow up.

1 similar comment
@all-hands-bot
Copy link
Collaborator

all-hands-bot commented Mar 13, 2026

[Automatic Post]: It has been a while since there was any activity on this PR. @robotdan, are you still working on it? If so, please go ahead, if not then please request review, close it, or request that someone else follow up.

@all-hands-bot
Copy link
Collaborator

all-hands-bot commented Mar 17, 2026

[Automatic Post]: This PR seems to be currently waiting for review. @rbren, could you please take a look when you have a chance?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rbren rbren Awaiting requested review from rbren

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@robotdan @all-hands-bot @enyst