Tag

AI agent security

44 entries tagged with #agent-security.

See the curated guide →

Specifically agent-focused security: execution sandboxes, MCP scanners, LLM-as-a-judge proxies, and governance toolkits.

GitHub HackFeatured

Claude Code Analysis - architectural reverse-engineering of the leaked source

82 docs and 15 diagrams mapping every major subsystem of Claude Code's accidentally exposed 512K-line TypeScript source - YOLO classifier, 93% context compaction, prompt-cache layout, 88+ feature flags, the custom React-Fiber terminal renderer.

Why I saved this - Useful primary source for anyone building a coding agent - the YOLO two-stage classifier, the cache-busting after MCP instructions, and the 6 compaction strategies are the bits nobody else has documented.

#claude-code #context-engineering #agent-security #skills #prompt-engineering

skill-doctor - inspector for coding-agent skills

Local tool that audits installed agent skills for conflicts, precedence issues, and risk. Helps surface why a particular skill is (or isn't) firing.

#claude-code #skills #agent-security #developer-tools #typescript

OQP - verification protocol for AI agents

MCP-compatible spec defining four endpoints (capabilities, workflows, execute, assess-risk) so agents can prove a shipped change satisfies business requirements before it goes live.

#mcp #agent-security #evals #verification #ai-agent

Kontext CLI - credential broker for AI coding agents

Go CLI that brokers GitHub, Stripe, and database credentials to coding agents per-session with audit trails, replacing copy-pasted .env keys with scoped tokens.

#go #agent-security #cli #developer-tools #credentials

smolvm - portable lightweight VMs in a single file

Open-source CLI for sub-second VMs on macOS (Hypervisor.framework) and Linux (KVM) via libkrun. Sandboxes untrusted code with hardware isolation and packs stateful environments into a single .smolmachine file.

#rust #sandbox #agent-security #cli #self-hosted

mcp-shark - Wireshark for Model Context Protocol

Electron capture and inspection tool for Model Context Protocol traffic. Records every HTTP request/response between an IDE and its MCP servers for forensic analysis.

#mcp #agent-security #observability #developer-tools #javascript

GitHub LibraryFeatured

AgentBox - SDK to run coding agents in any sandbox

One SDK to run Claude Code, Codex, or OpenCode inside Docker, E2B, Modal, Daytona, or Vercel sandboxes - boots each agent's native server (JSON-RPC, HTTP/SSE) instead of using non-interactive --print mode.

#claude-code #codex #opencode #sandbox #agent-security

LABE - legal action boundary eval

Public benchmark that tests an agent at the moment it's about to take a high-impact legal action. Same harness, baseline vs verified, measures unjustified action drops and goal-completion gains.

#evals #agent-security #ai-agent #benchmark

GitHub ToolFeatured

CubeSandbox - sub-60ms self-hosted E2B alternative

Open-source sandbox runtime for LLM-generated code built on RustVMM and KVM. Targets sub-60ms cold starts with full kernel isolation, designed as a self-hostable replacement for closed E2B-style services.

#sandbox #agent-security #rust #self-hosted #kvm

mcp-shodan - Shodan MCP server for AI agents

MCP server exposing Shodan APIs for IP reconnaissance, DNS lookups, and CVE/CPE vulnerability intelligence. Plugs into Claude Code, Codex, Gemini CLI, and Claude Desktop.

#mcp #agent-security #claude-code #typescript #cli

ccmd - TUI to audit and clean developer caches

Rust terminal UI for exploring cache directories on macOS and Linux. Scans cached packages for known CVEs, finds outdated deps, and reclaims disk space.

#tui #rust #developer-tools #agent-security #cli

claude-code-organizer - dashboard for CC configs

npx dashboard to manage Claude Code memories, configs, and MCP servers. Includes a tool-poisoning scanner, context token budget tracker, duplicate cleanup, and scope management.

#claude-code #mcp #agent-security #observability #javascript

lilith-zero - Rust security runtime for MCP

Transport-layer security middleware for LLM agent systems that enforces deterministic policies to mitigate data exfiltration and unauthorized tool calls. OS, language, and framework agnostic.

#mcp #agent-security #rust

sandboxed.sh - self-hosted agent sandbox orchestrator

Self-hosted Rust orchestrator that runs Claude Code and OpenCode inside isolated Linux workspaces, with skills, configs, and encrypted secrets stored in a git repo.

#claude-code #agent-security #rust #self-hosted #multi-agent

code-on-incus - per-agent isolated VMs with active defense

Gives each AI agent its own Incus machine with root, Docker, and systemd. Built-in detector stops threats automatically when an agent goes off-script.

#claude-code #agent-security #self-hosted #python

sandstorm - run Claude agents in cloud sandboxes

FastAPI service for running Claude Code agents in secure E2B cloud sandboxes via API, CLI, or Slack. Single call, full agent, no infrastructure.

#claude-code #agent-security #python #self-hosted

anywhere-agents - portable multi-agent config

Single config that follows you across every project and session: curated writing/routing/skills, plus a destructive-command guard for Claude Code, Codex, and friends.

#claude-code #codex #agents-md #agent-security #python

pipelock - MCP firewall for AI agents

Go-based agent firewall that controls egress from MCP servers, blocking SSRF, DLP leaks, and prompt-injection vectors at the network layer. Acts as a fetch proxy for tool calls.

#mcp #agent-security #go #firewall #ai-agent

Agentjail - self-hosted Linux sandbox for AI code

Minimal Linux sandbox for running untrusted code, designed for AI agents and build systems. Self-hosted alternative to Freestyle.sh-style code execution services.

#agent-security #self-hosted #sandbox

Mulder - MCP server for digital forensics

Containerized MCP server that exposes Volatility, Sleuthkit, Plaso, and other forensic tools as typed tool calls, with append-only audit log and citation-backed findings.

#mcp #agent-security #forensics

Aegis - runtime policy enforcement for AI agents

TypeScript policy engine that wraps agent execution with cryptographic audit trails, human-in-the-loop approvals, and a kill switch, with no code changes to the agent itself.

#agent-security #observability #mcp #typescript

Trace-core - linter for AI-written failure patterns

Static analyzer that catches the 24 specific failure patterns characteristic of AI-generated code, like phantom imports and almost-right API usage.

#agent-security #code-review #cli #typescript

forgemax - sandboxed local MCP gateway

Rust MCP gateway that collapses N servers and M tools into two tools by following the Code Mode pattern, cutting tool-list overhead to roughly 1,000 tokens.

#mcp #rust #gateway #agent-security

agent-vault - credential proxy for AI agents

Infisical's HTTP credential proxy and vault that brokers secrets to AI agents without ever exposing them in the prompt or environment.

#agent-security #go #secrets-management

skylos - PR gate for AI-generated code

CLI that gates pull requests by detecting dead code, leaked secrets, and AI-code regressions across Python, TS/JS, Java, and Go. Designed to catch the failure modes of AI-generated PRs.

#agent-security #code-quality #cli #python #developer-tools

Arcjet JS - AI security building blocks for Node

JS/TS SDK for runtime AI security: prompt-injection defense, bot blocking, rate limits, and budget protection wired into Next.js, Bun, and Node servers. Aimed at apps where agents call your tools.

#agent-security #prompt-injection #typescript #javascript

RedAI - validate vulnerabilities in live targets

Security agent that runs scanner agents to surface candidate vulnerabilities, then has validator agents reproduce each one against a running instance. Outputs only confirmed exploitable findings.

#agent-security #multi-agent #ai-agent

cloudlist - cloud asset inventory CLI

ProjectDiscovery CLI that lists assets across multiple cloud providers from one config. Useful as a recon and inventory step in security workflows.

#devops #cli #go #agent-security

pinact - pin GitHub Actions to commit SHAs

CLI that edits GitHub workflow and composite action files to pin every action and reusable workflow to a commit SHA, with version annotations and update support. Plugs the supply-chain hole left by tag-only references.

#devops #agent-security #cli #go

proxelar - programmable MITM proxy in Rust

Rust MITM proxy that intercepts HTTP/HTTPS in forward and reverse modes with TLS interception, a TUI, and a web GUI. Useful for inspecting what agents and apps are actually sending over the wire.

#rust #tui #developer-tools #agent-security

qtap - eBPF agent for pre-encrypted egress

eBPF agent that captures pre-encrypted network traffic from containers and processes, attributing every egress to its originating process. Aimed at observability and exfiltration detection in agent runtimes.

#agent-security #observability #kubernetes #ebpf

stereOS - hardened Linux for AI agents

Nix-based Linux distribution purpose-built for running AI agents. Hardened defaults and an immutable base aimed at sandboxing autonomous coding agents.

#agent-security #self-hosted #ai-agent #sandbox

routiium - LLM gateway with tool-result guard

Self-hosted, OpenAI-compatible LLM gateway that guards not just user prompts but tool return values - the harder injection surface in agent loops with web fetch, MCP, and shell tools.

#llm-gateway #agent-security #self-hosted #mcp #prompt-injection

Nexus - governance gateway for LLM and MCP traffic

Rust gateway that fronts LLMs and MCP servers with policy enforcement and observability. Aimed at securing agent traffic in larger deployments.

#mcp #agent-security #rust #observability

vibe-check-mcp - mentor feedback for agents

MCP server that gives agents mid-task mentor feedback to break tunnel-vision, over-engineering, and reasoning lock-in. Targets long-horizon coding workflows.

#mcp #claude-code #typescript #agent-security

cordum - agent control plane with policy gates

Open agent control plane in Go that enforces pre-execution policy, approval gates, and audit trails over LangChain, CrewAI, MCP, or any framework.

#agent-security #go #mcp #observability

secure-exec - npm-compatible Node sandboxing

Lightweight library for sandboxing Node.js code execution from agents without containers or VMs, using runtime isolation. Built for code interpreter use cases.

#agent-security #javascript #ai-agent

onecli - credential vault for AI agents

Open-source credential vault that gives AI agents access to third-party services without exposing raw API keys. MCP integration for Claude Code and similar agents.

#agent-security #mcp #cli #typescript

DeepZero - automated kernel driver vuln research

Vulnerability research framework that parses, decompiles, and analyzes Windows kernel drivers for exploitable IOCTLs using AI agents. Sleep through fuzzing campaigns.

#python #agent-security #ai-agent #reverse-engineering #automation

vulnhawk - AI-powered SAST scanner

Static analysis scanner that finds auth bypass, IDOR, and business logic bugs that Semgrep and CodeQL miss. Ships as a free GitHub Action covering Python, JS/TS, Go, PHP, and Ruby.

#agent-security #python #github-actions #static-analysis #developer-tools

lunar - agent-native MCP gateway

MCP gateway focused on governance and security: policy enforcement, request inspection, and rate-limiting between agents and MCP servers. Sits between the model and the tool surface.

#mcp #agent-security #typescript #gateway #governance

AgentShield - security scanner for AI agents

CLI, GitHub Action, and GitHub App that scan agent configs, MCP servers, and tool permissions for vulnerabilities. Detects skill poisoning and prompt-injection vectors.

#security #mcp #claude-code #agent-security #supply-chain

CrabTrap - LLM-as-a-judge proxy for agent security

Brex's HTTP proxy that uses an LLM judge to vet agent traffic in production. Drop it in front of any agent runtime to block exfiltration and jailbreaks.

#security #llm-judge #proxy #agent-security #go

Agent Governance Toolkit

Microsoft's policy engine for autonomous agents: zero-trust identity, execution sandboxing, and reliability checks. Maps to all 10 OWASP Agentic Top 10 categories.

#security #governance #owasp #agent-security #sandbox

Browse other tags

#developer-tools200 #claude-code177 #cli169 #rust99 #mcp88 #typescript84 #codex76 #go74 #ai-agent68 #python65 #self-hosted58 #devops51