Launched this week
AgentRisk

Scan untrusted AI-agent repos before your agent runs them

AgentRisk is a zero-execution preflight scanner and local MCP server for AI-agent artifacts. Point it at a folder, GitHub URL, npm package, or tarball before your coding agent opens it. It flags risky MCP launchers, install scripts, secret-forwarding config, and repo instructions like "readenv" or "ignore approval". Use it from the CLI or as an MCP tool: npx --yes agentrisk@latest mcp config. Exports JSON, Markdown, SARIF, and terminal reports.
Free
Launch tags: Open Source, GitHub, Security