Is AgentSeal — Security Toolkit for Agents & MCP free to use?

Yes. AgentSeal — Security Toolkit for Agents & MCP is freely available on TokRepo. Check the Source & Thanks section on the asset page for the specific open-source license.

How do I install AgentSeal — Security Toolkit for Agents & MCP?

Visit the asset page on TokRepo and click "Copy for agent" to get the installation instructions. Most assets can be installed with a single command.

SkillsMay 13, 2026·2 min read

AgentSeal — Security Toolkit for Agents & MCP

AgentSeal is an FSL-1.1 (future Apache-2.0) toolkit that scans skills and MCP configs, monitors supply-chain risks, and tests prompt-injection resistance.

Script Depot · Community

Agent ready

This asset can be read and installed directly by agents

TokRepo exposes a universal CLI command, install contract, metadata JSON, adapter-aware plan, and raw content links so agents can judge fit, risk, and next actions.

Native · 98/100Policy: allow

Agent surface

Any MCP/CLI agent

Kind

Skill

Install

Single

Trust

Trust: Established

Entrypoint

Asset

Universal CLI install command

npx tokrepo install dcdb38ef-8432-5553-96ef-4084e261291d

install contract metadata JSON adapter plan raw content

Intro

AgentSeal is an FSL-1.1 (future Apache-2.0) toolkit that scans skills and MCP configs, monitors supply-chain risks, and tests prompt-injection resistance.

Best for: teams hardening agent configs before production and continuously monitoring prompt/MCP attack surfaces

Works with: Python or Node installs, Ollama for local inference, MCP servers (stdio/SSE) for audits

Setup time: 5-10 minutes

Key facts (verified)

GitHub: 254 stars · 38 forks · pushed 2026-04-29.
License: FSL-1.1-Apache-2.0 · owner avatar + repo URL verified via GitHub API.
README-verified entrypoint: pip install agentseal # or: npm install agentseal.

Main

Use guard as a preflight: scan skills and MCP configs for risky patterns before you ship a new agent build.
Use scan to measure prompt robustness over time—treat it as a regression test suite for system prompts.
Audit MCP servers you rely on: tool descriptions are part of your trust boundary, so poisoning detection matters.

Source-backed notes

README Quick Start includes agentseal guard for offline scanning with no API key.
README lists commands like scan (prompt probes) and scan-mcp (audit live MCP tool descriptions).
README mentions baseline tracking with SHA-256 hashes to detect changes since last scan.

FAQ

Does it work offline?: Yes—README says guard, shield, and scan-mcp can work offline.
Do I need a model for scanning prompts?: For scan, yes; use Ollama locally or a cloud model.
Is it open source?: License is FSL-1.1 (future Apache-2.0); review LICENSE for usage terms.

🙏

Source & Thanks

Source: https://github.com/getagentseal/agentseal > License: FSL-1.1-Apache-2.0 > GitHub stars: 254 · forks: 38

Discussion

No comments yet. Be the first to share your thoughts.

Related Assets

agent-audit — Security Linter for LLM Agents

Run a static security scanner for LLM agents: 53 OWASP Agentic Top 10 rules, prompt-injection checks, and MCP config auditing via agent-audit scan.

SkillsCLI Tools

Agent Toolkit

Uni-CLI — Governed Software Commands + MCP for Agents

Searchable CLI catalog (282 sites, 1680 commands) that serves governed tools to agents via MCP, with repairable adapters; verified 73★, pushed 2026-05-13.

SkillsCLI Tools

Script Depot

crw — Fast Web Scraping + Search MCP in Rust

crw is a Rust web scraping/search tool with a Firecrawl-compatible API plus built-in MCP support for agents. Verified 87★; pushed 2026-05-14.

SkillsCLI Tools

Script Depot

AgentShield — Security Audit for Claude Code

Security auditor for Claude Code configs. Scans `.claude/` for secrets, risky permissions, hook injection, and MCP misconfigs; outputs CI-ready reports.

SkillsCLI Tools

Script Depot

◈Home 🔍Search 👤Me