ecc-agentshield
Security auditor for AI agent configurations. Scans Claude Code setups for vulnerabilities, misconfigs, and injection risks.
Description
Security auditor for AI agent configurations. Scans Claude Code setups for vulnerabilities, misconfigs, and injection risks.
Release History
| Version | Changes | Urgency | Date |
|---|---|---|---|
| 1.4.0 | Imported from npm (1.4.0) | Low | 4/21/2026 |
| v1.4.0 | ## AgentShield v1.4.0 AI agent security scanner. 102+ rules across 5 categories. Scans Claude Code, Codex, Cursor, and OpenCode configurations for vulnerabilities. ### Quick Start **GitHub Action (CI):** ```yaml - uses: affaan-m/agentshield@v1.4.0 ``` **CLI:** ```bash npx ecc-agentshield scan ``` **Drop-in workflow:** Copy `examples/agentshield-workflow.yml` to `.github/workflows/` in any repo. ### What's New in v1.4.0 - **False positive fix** — deny rules and PreToolU | Low | 3/22/2026 |
| v1.3.0 | ## What's New in v1.3.0 AgentShield now goes beyond static analysis. The new `--deep` flag runs **5 analysis layers** in a single command. ### GitHub Action (NEW) AgentShield is now available as a GitHub Action! Add security scanning to any CI/CD pipeline: ```yaml - uses: affaan-m/agentshield@v1 with: min-severity: medium fail-on-findings: true ``` Features: inline PR annotations, job summary markdown report, configurable severity filter, 4 outputs (score, grade, total-findings, c | Low | 2/16/2026 |
| v1.2.0 | ## AgentShield v1.2.0 ### What's New - **102 security rules** (up from 56 in v1.0.0) - **912 tests** with comprehensive coverage - **GitHub Action** available at `affaan-m/agentshield@v1` ### New Rule Categories Since v1.0.0 - Clipboard hijacking & log tampering detection - Auto-approve & timeout manipulation prevention - Reflection & output manipulation blocking - Container escape & package install monitoring - DNS exfiltration & firewall modification detection - SSH key manipulation & backgr | Low | 2/13/2026 |
| v1.0.0 | Initial release - Security auditor for AI agent configurations. Features: 16 static analysis rules, Opus 4.6 adversarial pipeline, 3 output formats, auto-fix, GitHub Action, npx support. Built at the Claude Code Hackathon. | Low | 2/11/2026 |
Dependencies & License Audit
Loading dependencies...
Similar Packages
agentshieldAI agent security scanner. Detect vulnerabilities in agent configurations, MCP servers, and tool permissions. Available as CLI, GitHub Action, ECC plugin, and GitHub App integration. 🛡️v1.4.0
auxiliarAI agent for cloud service recommendations — Chrome-verified pricing, real gotchas, jobs, and community0.2.0
clausidianClaude Code's Obsidian integration — AI agent toolkit for vault management, journal, notes, search, index sync, and more3.7.0
mofloMoFlo — AI agent orchestration for Claude Code. Forked from ruflo/claude-flow with patches applied to source, plus feature-level orchestration.4.8.79