Cette page est affichée en anglais. Une traduction française est en cours.
MCP ConfigsMay 11, 2026·2 min de lecture

Agent Security Scanner MCP — Scan Repos for Risks

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

MCP Hub
MCP Hub · Community
Prêt pour agents

Cet actif peut être lu et installé directement par les agents

TokRepo expose une commande CLI universelle, un contrat d'installation, le metadata JSON, un plan selon l'adaptateur et le contenu raw pour aider les agents à juger l'adaptation, le risque et les prochaines actions.

Stage only · 29/100Stage only
Surface agent
Tout agent MCP/CLI
Type
Mcp Config
Installation
Single
Confiance
Confiance : Established
Point d'entrée
README.md
Commande CLI universelle
npx tokrepo install ffad6664-623c-4275-8f78-3e0cce4c361e
contrat d'installationJSON metadataplan adaptateurcontenu raw
Introduction

Agent Security Scanner MCP provides tools to scan repos for risky patterns so agents flag issues before running code or touching secrets.

  • Best for: Teams running coding agents who want a lightweight ‘preflight’ scan before executing anything
  • Works with: MCP clients + CI or local dev environments; use read-only scans before writes
  • Setup time: 15 minutes

Practical Notes

  • Setup time ~15 minutes (install + run server + connect client)
  • Gate condition: scan output must be machine-readable (JSON/structured fields) before you automate blocking
  • GitHub stars + forks (verified): see Source & Thanks

If your agent can run code, you need a safety gate. A practical pattern is: scan → decide → run. Keep scan tools deterministic and read-only, and log every decision. Even a simple ‘risk score’ plus a few hard blocks can prevent the most common failures.

FAQ

Q: Does this replace a full security review? A: No. It’s a fast preflight. Use it to catch obvious risks before agent execution.

Q: What should it block by default? A: Anything involving secrets, network exfil paths, or suspicious install scripts until reviewed.

Q: Where should I run it? A: In CI or a sandboxed environment; keep it read-only against your source tree.

🙏

Source et remerciements

Source: https://github.com/sinewaveai/agent-security-scanner-mcp > License: MIT > GitHub stars: 100 · forks: 10

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires

Inkog — Pre-Flight Security Scan for Agent Code

Inkog scans AI agent code for prompt-injection sinks, token-bombing loops, and governance gaps, and can run via CLI, GitHub Actions, or MCP.

MCP Configs
MCP Hub

Chrome MCP Background Proxy — Fix Popups, Focus Stealing & Multi-Agent Conflicts

Persistent CDP proxy + entry script that lets chrome-devtools-mcp run against your real, logged-in Chrome without the Chrome 146+ consent popup spamming on every connection, without focus stealing (Target.activateTarget / Page.bringToFront are intercepted, createTarget is forced to background), and without request-ID / event collisions when multiple Claude Code windows or sub-agents share one Chrome. Includes the proxy core (cdp-proxy.mjs v3), entry script, safe cleanup, pre-flight healthcheck, and a launchd-style self-healing watchdog with Feishu alerts.

MCP ConfigsScripts
henuwangkai· ⭐ 1

AI-Infra-Guard — Scan MCP Servers and AI Stacks

AI-Infra-Guard runs a web UI + scanners that assess MCP servers, agent skills, and AI infra components for security risks, CVEs, and jailbreak exposure.

Scripts
Agent Toolkit

agent-audit — Security Linter for LLM Agents

Run a static security scanner for LLM agents: 53 OWASP Agentic Top 10 rules, prompt-injection checks, and MCP config auditing via agent-audit scan.

CLI Tools
Agent Toolkit
Accueil🔍Rechercher👤Moi