# agentshield

> AI agent security scanner. Detect vulnerabilities in agent configurations, MCP servers, and tool permissions. Available as CLI, GitHub Action, ECC plugin, and GitHub App integration. 🛡️

- **URL**: https://www.freshcrate.ai/projects/agentshield
- **Author**: affaan-m
- **Category**: MCP Servers
- **Latest version**: `v1.4.0` (2026-03-22)
- **License**: MIT
- **Source**: https://github.com/affaan-m/agentshield
- **Homepage**: https://cerebralvalley.ai/e/claude-code-hackathon
- **Language**: TypeScript
- **GitHub**: 522 stars, 109 forks
- **Registry**: github
- **Tags**: `ai-agent`, `anthropic`, `claude-code`, `hackathon`, `mcp`, `opus`, `security`, `typescript`

## Recent releases

| Version | Date | Urgency | Changes |
| --- | --- | --- | --- |
| `v1.4.0` | 2026-03-22 | Medium | **AgentShield v1.4.0.** AI agent security scanner. 102+ rules across 5 categories. Scans Claude Code, Codex, Cursor, and OpenCode configurations for vulnerabilities. **Quick Start.** GitHub Action (CI): `- uses: affaan-m/agentshield@v1.4.0`. CLI: `npx ecc-agentshield scan`. Drop-in workflow: copy `examples/agentshield-workflow.yml` to `.github/workflows/` in any repo. **What's New in v1.4.0.** **False positive fix** — deny rules and PreToolU |
| `v1.3.0` | 2026-02-16 | Low | **What's New in v1.3.0.** AgentShield now goes beyond static analysis. The new `--deep` flag runs **5 analysis layers** in a single command. **GitHub Action (NEW).** AgentShield is now available as a GitHub Action! Add security scanning to any CI/CD pipeline: `- uses: affaan-m/agentshield@v1` with `min-severity: medium` and `fail-on-findings: true`. Features: inline PR annotations, job summary markdown report, configurable severity filter, 4 outputs (score, grade, total-findings, c |
| `v1.2.0` | 2026-02-13 | Low | **AgentShield v1.2.0.** **What's New:** **102 security rules** (up from 56 in v1.0.0); **912 tests** with comprehensive coverage; **GitHub Action** available at `affaan-m/agentshield@v1`. **New Rule Categories Since v1.0.0:** Clipboard hijacking & log tampering detection; Auto-approve & timeout manipulation prevention; Reflection & output manipulation blocking; Container escape & package install monitoring; DNS exfiltration & firewall modification detection; SSH key manipulation & backgr |
| `v1.0.0` | 2026-02-11 | Low | Initial release - Security auditor for AI agent configurations. Features: 16 static analysis rules, Opus 4.6 adversarial pipeline, 3 output formats, auto-fix, GitHub Action, npx support. Built at the Claude Code Hackathon. |

## Dependency audit

- **Score**: 100/100
- **Total deps**: 16
- **Resolved**: 16
- **Unresolved**: 0
- **License conflicts**: 0
- **Warnings**: 0
- **Scanned**: 2026-05-18

## Citation

- HTML: https://www.freshcrate.ai/projects/agentshield
- Markdown: https://www.freshcrate.ai/projects/agentshield.md
- Dependencies JSON: https://www.freshcrate.ai/api/projects/agentshield/deps

_Generated by freshcrate.ai. Indexes github releases for AI-agent ecosystem packages._
