agentshield
AI agent security scanner. Detect vulnerabilities in agent configurations, MCP servers, and tool permissions. Available as CLI, GitHub Action, ECC plugin, and GitHub App integration. 🛡️
AgentShield is a security scanner for AI agent configurations. It looks at the setup files that tools like Claude Code use, specifically the configuration folder that controls what the AI is allowed to do, and checks for problems that could expose your machine or credentials to attackers.
The tool checks five categories of risk: hardcoded secrets like API keys and passwords buried in config files, overly permissive settings that let the AI run any command without restriction, shell hooks that could allow an attacker to inject and execute malicious code, external AI tool servers (called MCP servers) that carry supply-chain or remote-access risks, and AI agent configurations that give the agent too much access or contain hidden instructions. Across these five categories it applies 102 rules and gives your setup a letter grade from A to F along with a numeric score from 0 to 100.
You run it with a single command. It finds your configuration directory automatically, scans it, and prints a report that lists each problem with its severity, the file where it was found, and a suggested fix. Many simple fixes, like replacing a hardcoded API key with an environment variable reference, can be applied automatically using the --fix flag. You can also generate output as JSON for use in automated pipelines, as HTML for sharing with a team, or in SARIF format for integration with GitHub code scanning.
For deeper analysis there is an optional three-agent mode that uses Claude Opus. One agent plays the role of an attacker looking for exploitable chains, a second plays a defender evaluating existing protections, and a third synthesizes both views into a prioritized action list. This mode requires an Anthropic API key.
The project also includes a GitHub Action for running the scanner automatically on pull requests, a minimal sandboxed AI agent runtime called MiniClaw for teams that want a safe way to expose an AI endpoint over HTTP, and a GitHub App integration for organization-wide scanning. It was built at a Claude Code hackathon in early 2026 and is released under the MIT license. The full README is longer than what was shown.