Esta página se muestra en inglés. Una traducción al español está en curso.
SkillsMay 13, 2026·3 min de lectura

Aguara — Security Scanner for MCP & Skills

Offline scanner for agent skills and MCP servers. Detect prompt injection and exfiltration; outputs JSON/SARIF and supports CI thresholds.

Listo para agents

Instalación lista para agent

Este activo puede instalarse después de elegir el runtime, revisar el plan y ejecutar el comando correspondiente.

Native · 98/100Política: permitir
Superficie agent
Cualquier agent MCP/CLI
Tipo
Skill
Instalación
Single
Confianza
Confianza: Established
Entrada
Asset
Comando de instalación directa
npx -y tokrepo@latest install 46af3104-2fa4-5668-aa27-19c4afa63a03 --target codex

Ejecutar después de confirmar el plan con dry-run.

Introducción

Aguara is an offline security scanner that inspects agent skills and MCP servers before you run them, helping catch prompt injection and credential exfiltration patterns early.

Best for: Teams deploying MCP servers, skill marketplaces, and CI policy gates for tool safety

Works with: macOS/Linux; Go install or Homebrew; can run in Docker for hermetic scans

Setup time: 5–15 minutes

Key facts (verified)

  • README highlights 189 detection rules across 14 categories and an aggregate 0–100 risk score.
  • Supports JSON and SARIF outputs plus CLI thresholds like --severity / --fail-on (README).
  • GitHub: 76 stars · 15 forks; pushed 2026-05-13 (GitHub API verified).

Main

Use Aguara as a preflight step for any “tooling you didn’t author”:

  1. Scan new MCP servers before adding them to .mcp.json or deploying to shared environments.
  2. Scan skill repos before publishing to a registry, and fail CI on high-severity findings.
  3. Keep a baseline JSON report per version so reviews can diff risk changes over time.

README excerpt (verbatim)

Aguara

Security scanner for AI agent skills and MCP servers.
Detect prompt injection, data exfiltration, and supply-chain attacks before they reach production.

CI Go Report Card Go Reference GitHub Release License GitHub Stars Docker Homebrew

InstallationQuick StartHow It WorksUsageRulesIncident ResponseAguara MCPAguara WatchContributing

https://github.com/user-attachments/assets/851333be-048f-48fa-aaf3-f8cc1d4aa594

Why Aguara?

AI agents and MCP servers run code on your behalf. A single malicious skill file can exfiltrate credentials, inject prompts, or install backdoors. Aguara catches these threats before deployment with static analysis that requires no API keys, no cloud, and no LLM.

  • 189 detection rules across 14 categories — prompt injection, data exfiltration, credential leaks, supply-chain attacks, MCP-specific threats, command execution, SSRF, unicode attacks, and more.

FAQ

Q: Does Aguara require an LLM or API keys? A: README states the analysis is offline and deterministic, so it does not require API keys or a cloud service.

Q: How do I use it in CI? A: Run aguara scan and fail on a chosen threshold (e.g., --severity high) while exporting JSON/SARIF artifacts.

Q: What should I scan? A: Scan skill markdown/YAML/JSON plus MCP server directories so Aguara can detect cross-file risky flows.

🙏

Fuente y agradecimientos

Source: https://github.com/garagon/aguara > License: Apache-2.0 > GitHub stars: 76 · forks: 15

Discusión

Inicia sesión para unirte a la discusión.
Aún no hay comentarios. Sé el primero en compartir tus ideas.

Activos relacionados