A marketplace of third-party scanners, custom enrichments, and workflow integrations built on the Safeguard plugin SDK. Every entry is signed, security-reviewed, scope-declared, and sandboxed. Paid plugins share revenue with the author.
Plugins extend the platform — but on a contract. Signing, scopes, sandbox, audit, and a security review on every release. The marketplace is open. The bar is real.
Filter by category — scanners, enrichments, workflow integrations, dashboards. Each plugin lists what it does, what scopes it needs, the maintainer, the review status, and an install count.
Fork the plugin starter, build against the typed SDK, run the local test harness, and submit a manifest. The review queue is public and the SLA on first feedback is one business week.
Plugins must be signed with a Sigstore key bound to the maintainer identity. Unsigned bundles fail to install. Re-signed updates flow through the same chain; tampered releases are visible in the public transparency log.
Every plugin goes through a manual security review before listing. We read the source, run it through the same scanners we sell, and document the capability scopes the plugin can use. The review report is published with the listing.
Paid plugins earn the author the majority share of the listed subscription price. Free plugins earn the author nothing — but they earn maintainer recognition, including a badge on their author profile and on every release.
A tenant admin installs a plugin, scopes its permissions, and configures it through the same RBAC surface as a first-party feature. Every plugin call is logged with the plugin identity, the scope, and the result.
Use category filters or keyword search to find the plugin you want. Read the security review, the changelog, and the list of declared scopes before installing.
A tenant admin installs the plugin. The platform displays the requested scopes — read SBOMs, post webhooks, manage findings — and the admin grants only what's needed.
Configure which projects, products, and user groups the plugin applies to. Plugins respect the same RBAC as the rest of the platform; no shadow access.
The plugin runs in a sandboxed worker with its declared capabilities only. Every call out of the sandbox lands in the audit log with the plugin identity attached.
Updates require a fresh signature check and surface the diff in declared scopes. Removal revokes every artefact created by the plugin in a single transaction.
Paid plugins earn the author the majority share of the listed subscription. Free plugins earn the author maintainer recognition — and a fast lane on future reviews.
Browse the marketplace, install with scopes, and read the review report before you trust a plugin with tenant data.