UnitOne AgentGateway fork with MCP security guards

Fork of agentgateway (https://github.com/agentgateway/agentgateway) with:
- MCP security guards (PII detection, tool poisoning, rug pull detection)
- UnitOne UI customizations
- Additional documentation and testing infrastructure

Author: surinderunitone

.cargo/config.toml

@@ -0,0 +1,9 @@
+[alias]
+xtask = "run --package xtask --"
+
+# Enable tokio_unstable for task dump
+# Not supported for non-linux
+[target.'cfg(target_os = "linux")']
+rustflags = [
+    "--cfg", "tokio_unstable"
+]

.devcontainer.json

@@ -0,0 +1,3 @@
+{
+    "image": "mcr.microsoft.com/devcontainers/rust:latest"
+}

.dockerignore

@@ -0,0 +1,6 @@
+target
+.idea
+.vscode
+.DS_Store
+manifests
+examples

.github/actions/prep-runner/action.yml

@@ -0,0 +1,51 @@
+name: Prep Runner
+
+description: Common setup steps for agentgateway actions
+
+runs:
+  using: "composite"
+  steps:
+    - name: Free disk space
+      shell: bash
+      run: |
+        echo "Before clearing disk space:"
+        df -h
+        docker system df -v
+
+        # https://github.com/actions/runner-images/discussions/3242 github runners are bad at cleanup
+        echo "Removing large packages"
+        time sudo apt-get remove -y '^dotnet-.*' '^llvm-.*' 'php.*' '^mongodb-.*' '^mysql-.*' azure-cli google-chrome-stable \
+          firefox powershell mono-devel libgl1-mesa-dri || true
+        time sudo apt-get autoremove -y || true
+        time sudo apt-get clean -y || true
+        echo "Done removing large packages"
+        df -h
+
+        # Clean up pre-installed tools
+        # For some reason, GHA often takes minutes (up to 20min observed) to clean up somehow.
+        # Presumably this is due to a slow disk?
+        function clean-dir() {
+          echo "Cleaning $1"
+          time sudo rm -rf "$1" || true
+        }
+        # These two were found to take very very long. Even though its large, its not worth the cost
+        # clean-dir /usr/local/lib/android  # 8.9gb
+        # clean-dir $AGENT_TOOLSDIRECTORY  # 5.6gb
+        clean-dir /usr/share/dotnet  # 3.4gb
+        clean-dir /usr/share/swift  # 3.1gb
+        clean-dir /usr/local/.ghcup  # 6.3gb
+        clean-dir /usr/local/share/powershell  # 1.2gb
+        clean-dir /usr/local/share/chromium  # 600mb
+
+        # Clean up images
+        docker image rm node:18 || true
+        docker image rm node:18-alpine || true
+        docker image rm node:20 || true
+        docker image rm node:20-alpine || true
+        # remove the dangling images and containers
+        docker images | tail -n +2 | awk '$1 == "<none>" {print $3}' | xargs --no-run-if-empty docker rmi
+        docker ps -a | tail -n +2 | awk '$2 ~ "^[0-9a-f]+$" {print $1}' | xargs --no-run-if-empty docker rm --volumes=true
+
+        echo "After clearing disk space:"
+        df -h
+        docker system df -v

.github/workflows/pull_request.yml

@@ -0,0 +1,116 @@
+name: Branch
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+env:
+  CARGO_TERM_COLOR: always
+  CI: true
+
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        include:
+          - os: ubuntu-latest
+            target: x86_64-unknown-linux-musl
+            # Performance is horrendous on musl without jemalloc
+            features: jemalloc
+          - os: ubuntu-22.04-arm
+            target: aarch64-unknown-linux-musl
+            # Performance is horrendous on musl without jemalloc
+            # TODO: arm64 build fails with jemalloc for some reason?
+            features: default
+          - os: macos-latest
+            target: aarch64-apple-darwin
+            features: default
+          - os: windows-latest
+            target: x86_64-pc-windows-msvc
+            features: default
+
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-node@v4
+      with:
+        node-version: 23
+    - name: Install Rust
+      uses: dtolnay/rust-toolchain@stable
+      with:
+        targets: ${{ matrix.target }}
+    - uses: Swatinem/rust-cache@v2
+      # Github cache is too tiny to handle the full matrix :-(
+      if: ${{ matrix.os == 'ubuntu-22.04-arm' || matrix.os == 'ubuntu-latest' }}
+
+    - name: Build UI
+      run: |
+        cd ui
+        npm ci
+        npm run build
+    - name: Install musl-tools
+      if: ${{ matrix.os == 'ubuntu-22.04-arm' || matrix.os == 'ubuntu-latest' }}
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y musl-tools
+        rustup target add ${{ matrix.target }}
+    - name: Build
+      run: "cargo build --features ui --target ${{ matrix.target }} -F ${{ matrix.features }} --profile quick-release"
+
+  test:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, windows-latest]
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-go@v6
+      with:
+        go-version: '1.25'
+    - name: Install jq on Windows
+      if: runner.os == 'Windows'
+      run: choco install jq -y
+    - name: Install protoc-gen-go on Windows
+      if: runner.os == 'Windows'
+      run: go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.36.6
+    - name: Install Rust
+      uses: dtolnay/rust-toolchain@stable
+    - uses: Swatinem/rust-cache@v2
+      # Github cache is too tiny to handle the full matrix :-(
+      if: ${{ matrix.os == 'ubuntu-22.04-arm' || matrix.os == 'ubuntu-latest' }}
+    - name: Add Go bin to PATH
+      shell: bash
+      run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
+    - name: Test
+      run: make test
+    - name: Validate
+      run: make validate
+
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-go@v6
+      with:
+        go-version: '1.25'
+    - uses: actions/setup-node@v4
+      with:
+        node-version: 23
+    - name: Install Rust
+      uses: dtolnay/rust-toolchain@stable
+    - uses: Swatinem/rust-cache@v2
+    - name: Add Go bin to PATH
+      run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
+    - name: Generation
+      run: git config --global core.autocrlf true; make gen check-clean-repo
+    - name: Lint
+      run: make lint
+    - name: Lint UI
+      run: |
+        cd ui
+        npm ci
+        npm run lint