Cette page est affichée en anglais. Une traduction française est en cours.
MCP ConfigsMay 11, 2026·2 min de lecture

Agent Security Scanner MCP — Scan Repos for Risks

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

MCP Hub
MCP Hub · Community
Prêt pour agents

Staging sûr pour cet actif

Cet actif est d'abord staged. Le prompt copié demande à l'agent d'inspecter les fichiers staged avant d'activer scripts, config MCP ou config globale.

Stage only · 17/100Policy : staging
Surface agent
Tout agent MCP/CLI
Type
Mcp Config
Installation
Stage only
Confiance
Confiance : Established
Point d'entrée
Asset
Commande de staging sûr
npx -y tokrepo@latest install ffad6664-623c-4275-8f78-3e0cce4c361e --target codex

Stage les fichiers d'abord; l'activation exige la revue du README et du plan staged.

Introduction

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

  • Best for: Teams running coding agents who want a lightweight ‘preflight’ scan before executing anything
  • Works with: MCP clients + CI or local dev environments; use read-only scans before writes
  • Setup time: 15 minutes

Practical Notes

  • Setup time ~15 minutes (install + run server + connect client)
  • Gate condition: scan output must be machine-readable (JSON/structured fields) before you automate blocking
  • GitHub stars + forks (verified): see Source & Thanks

If your agent can run code, you need a safety gate. A practical pattern is: scan → decide → run. Keep scan tools deterministic and read-only, and log every decision. Even a simple ‘risk score’ plus a few hard blocks can prevent the most common failures.

FAQ

Q: Does this replace a full security review? A: No. It’s a fast preflight. Use it to catch obvious risks before agent execution.

Q: What should it block by default? A: Anything involving secrets, network exfil paths, or suspicious install scripts until reviewed.

Q: Where should I run it? A: In CI or a sandboxed environment; keep it read-only against your source tree.

🙏

Source et remerciements

Source: https://github.com/sinewaveai/agent-security-scanner-mcp > License: MIT > GitHub stars: 100 · forks: 10

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires