agent-scan
Security scanning tool for AI agents, MCP servers, and skills.
- Type
- MCP
- Transport
- stdio
- Open source
- Yes
- GitHub Stars
- ★ 2.6k
- Source
- mcp-github
- Repository
- github.com/snyk/agent-scan
Overview
Snyk Agent Scan is a security tool designed to scan AI agents, MCP servers, and skills. It helps users discover and scan agent components on machines, detecting prompt injection and vulnerabilities. Supports automatic discovery of MCP configurations, agent tools, and skills, and identifies multiple security risks. Ideal for developers and teams needing to ensure the security of AI components. After installation via pip, scans can be run immediately.
Capabilities
- ▪Automatic discovery of MCP configurations, agent tools, and skills
- ▪Detection of prompt injection and vulnerabilities
- ▪Support for multiple agents and operating systems
- ▪Detection of 15+ types of security risks
Use cases
Setup
pip install snyk-agent-scan
This information was compiled by AI from public sources and may contain inaccuracies — please refer to the source.
FAQ
Is the CLI output stable?
CLI output is experimental and may change.
How can I skip skill scanning?
Use the `--no-skills` parameter to ignore skill scanning.
Related skills
gemini-cli
Gemini CLI is an open-source AI agent that brings Gemini's powerful capabilities directly into the terminal.
private-gpt
Provides a complete API layer for local models, supporting RAG, skills, tools, and more.
planning-with-files
File-based persistent planning skill, ideal for AI coding agents and long-running tasks.
scientific-agent-skills
Transform any AI agent into a scientific assistant with 147 ready-to-use research skills.
susi_alexa_skill
A skill that enables question-and-answer interactions between Alexa and Susi AI.
claude-context
Provides code search capabilities for Claude Code, turning the entire codebase into context.