Is Agentic Security — LLM/MCP Red-Team Scanner free to use?

Yes. Agentic Security — LLM/MCP Red-Team Scanner is freely available on TokRepo. Check the Source & Thanks section on the asset page for the specific open-source license.

How do I install Agentic Security — LLM/MCP Red-Team Scanner?

Visit the asset page on TokRepo and click "Copy for agent" to get the installation instructions. Most assets can be installed with a single command.

ScriptsMay 12, 2026·2 min read

Agentic Security — LLM/MCP Red-Team Scanner

Name: Agentic Security — LLM/MCP Red-Team Scanner
Author: Agent Toolkit

Agentic Security is a Python tool to probe LLM apps with attack prompts and run scans; it also ships an MCP server entrypoint for tool-based workflows.

Agent Toolkit · Community

Agent ready

This asset can be read and installed directly by agents

TokRepo exposes a universal CLI command, install contract, metadata JSON, adapter-aware plan, and raw content links so agents can judge fit, risk, and next actions.

Stage only · 29/100Stage only

Agent surface

Any MCP/CLI agent

Kind

Script

Install

Single

Trust

Trust: Established

Entrypoint

agentic_security

Universal CLI install command

npx tokrepo install a2379bc5-47cb-434b-8cd6-a12cfca6753a

install contract metadata JSON adapter plan raw content

Intro

Agentic Security is a Python tool to probe LLM apps with attack prompts and run scans; it also ships an MCP server entrypoint for tool-based workflows.

Best for: security teams validating LLM safety, jailbreak resistance, and tool-call hardening
Works with: Python, local datasets (CSV), optional MCP server install
Setup time: 15–45 minutes

Practical Notes

Data point: the README example shows the server running on port 8718.
Quant: run scans against staging first; promote to CI only after false-positive tuning.

Pattern: build a reproducible red-team harness

To avoid one-off, non-repeatable results:

pin the dataset version (CSV),
log model + parameters,
and store scan outputs as artifacts.

Pattern: scan tool servers too

If your agent uses MCP servers, treat them as part of your attack surface:

scan repo code,
scan remote URLs before deployment,
and add allowlists for file/network capabilities.

FAQ

Q: Is it open-source? A: Yes. The repo is Apache-2.0 licensed.

Q: Can it run without an MCP client? A: Yes. You can run the scanner directly as a CLI.

Q: What’s the safest rollout? A: Start on staging and log everything; then gradually enable CI gates.

🙏

Source & Thanks

Source: https://github.com/msoedov/agentic_security > License: Apache-2.0 > GitHub stars: 1,867 · forks: 249

Discussion

No comments yet. Be the first to share your thoughts.

Related Assets

Agentic SOC Platform — LLM-Powered Security Operations

Agentic SOC Platform is an open-source, agent-centric SOC with modules, playbooks, and an incident response UI for local deployment and data control.

Scripts

AI Open Source

agent-audit — Security Linter for LLM Agents

Run a static security scanner for LLM agents: 53 OWASP Agentic Top 10 rules, prompt-injection checks, and MCP config auditing via agent-audit scan.

CLI Tools

Agent Toolkit

Agent Security Scanner MCP — Scan Repos for Risks

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

MCP Configs

MCP Hub

llm-guard — Secure LLM Inputs & Outputs

Harden LLM apps with a scanner pipeline for prompt injection, PII leakage, toxicity, and unsafe output. Install in minutes and gate requests in code.

Scripts

Script Depot

◈Home 🔍Search 👤Me