Security scanner for AI agent tooling — MCP servers, tool definitions, and agentic pipelines