Esta página se muestra en inglés. Una traducción al español está en curso.
MCP ConfigsMay 11, 2026·2 min de lectura

Agent Security Scanner MCP — Scan Repos for Risks

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

MCP Hub
MCP Hub · Community
Listo para agents

Este activo puede ser leído e instalado directamente por agents

TokRepo expone un comando CLI universal, contrato de instalación, metadata JSON, plan según adaptador y contenido raw para que los agents evalúen compatibilidad, riesgo y próximos pasos.

Stage only · 29/100Stage only
Superficie agent
Cualquier agent MCP/CLI
Tipo
Mcp Config
Instalación
Single
Confianza
Confianza: Established
Entrada
README.md
Comando CLI universal
npx tokrepo install ffad6664-623c-4275-8f78-3e0cce4c361e
contrato de instalaciónJSON de metadataplan adaptadorcontenido raw
Introducción

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

  • Best for: Teams running coding agents who want a lightweight ‘preflight’ scan before executing anything
  • Works with: MCP clients + CI or local dev environments; use read-only scans before writes
  • Setup time: 15 minutes

Practical Notes

  • Setup time ~15 minutes (install + run server + connect client)
  • Gate condition: scan output must be machine-readable (JSON/structured fields) before you automate blocking
  • GitHub stars + forks (verified): see Source & Thanks

If your agent can run code, you need a safety gate. A practical pattern is: scan → decide → run. Keep scan tools deterministic and read-only, and log every decision. Even a simple ‘risk score’ plus a few hard blocks can prevent the most common failures.

FAQ

Q: Does this replace a full security review? A: No. It’s a fast preflight. Use it to catch obvious risks before agent execution.

Q: What should it block by default? A: Anything involving secrets, network exfil paths, or suspicious install scripts until reviewed.

Q: Where should I run it? A: In CI or a sandboxed environment; keep it read-only against your source tree.

🙏

Fuente y agradecimientos

Source: https://github.com/sinewaveai/agent-security-scanner-mcp > License: MIT > GitHub stars: 100 · forks: 10

Discusión

Inicia sesión para unirte a la discusión.
Aún no hay comentarios. Sé el primero en compartir tus ideas.

Activos relacionados

Inkog — Pre-Flight Security Scan for Agent Code

Inkog scans AI agent code for prompt-injection sinks, token-bombing loops, and governance gaps, and can run via CLI, GitHub Actions, or MCP.

MCP Configs
MCP Hub

Chrome MCP Background Proxy — Fix Popups, Focus Stealing & Multi-Agent Conflicts

Persistent CDP proxy + entry script that lets chrome-devtools-mcp run against your real, logged-in Chrome without the Chrome 146+ consent popup spamming on every connection, without focus stealing (Target.activateTarget / Page.bringToFront are intercepted, createTarget is forced to background), and without request-ID / event collisions when multiple Claude Code windows or sub-agents share one Chrome. Includes the proxy core (cdp-proxy.mjs v3), entry script, safe cleanup, pre-flight healthcheck, and a launchd-style self-healing watchdog with Feishu alerts.

MCP ConfigsScripts
henuwangkai· ⭐ 1

AI-Infra-Guard — Scan MCP Servers and AI Stacks

AI-Infra-Guard runs a web UI + scanners that assess MCP servers, agent skills, and AI infra components for security risks, CVEs, and jailbreak exposure.

Scripts
Agent Toolkit

agent-audit — Security Linter for LLM Agents

Run a static security scanner for LLM agents: 53 OWASP Agentic Top 10 rules, prompt-injection checks, and MCP config auditing via agent-audit scan.

CLI Tools
Agent Toolkit
Inicio🔍Buscar👤Yo