Panguard AI provides the first Skills Audit for AI agents. It audits every skill before it runs, catches known threats with community ATR (Agent Threat Rules), catches unknown threats with AI analysis, and shares new rules to protect everyone. MIT licensed. Open source.
REAL DATA
We scanned 2,386 MCP Skills
From 4,648 registry entries across 3 sources. Here's what we found.
- SAFE: 51.1% (1,219 skills)
- CRITICAL: 16.8% (402 skills)
- HIGH: 10.1% (240 skills)
- MEDIUM: 12.5% (299 skills)
What CRITICAL means in practice
- Read ~/.ssh/id_rsa and exfiltrate private keys
- Send API keys to external servers
- Inject malicious instructions into prompts
- Silently modify git commits
This is why every skill needs an audit before it runs.
THE GAP
Traditional security can't see AI agent threats
CrowdStrike protects your OS. Snyk protects your code. Lakera filters prompts. Nobody protects your AI agent.
Traditional security sees:
- Process execution, file access, network calls
- Malware signatures, ransomware patterns
- Known CVEs in installed packages
But completely misses:
- Prompt injection in agent conversations
- Malicious MCP skill definitions
- Credential theft via agent tool calls
- Supply chain attacks via skill packages
| Capability | PanGuard | CrowdStrike |
|---|---|---|
| AI agent threat detection | | |
| MCP skill pre-install audit | | |
| Prompt injection detection | 21 ATR rules | |
| Runtime agent monitoring | 24/7 daemon | Endpoints only |
| Cost | $0 (MIT) | $25-60/ep/mo |
PanGuard fills the gap with 61 detection rules. Open source. Free forever.
OPEN STANDARD
The AI era needs a new audit standard
ATR (Agent Threat Rules) is purpose-built for AI agent threats. The first open detection standard for AI agent security.
- Detection Rules: 61
- Threat Categories: 9
- Detection Patterns: 474+
Open source. Community-driven. Growing daily.
THREE LAYERS OF DEFENSE
Pre-deployment audit. Runtime protection. Community intelligence.
Each layer feeds the next. Together, they form a closed-loop defense that gets stronger with every user.
PRE-DEPLOYMENT
Skill Auditor
Static analysis engine that scans MCP skills and AI agent tools before they run. Detects prompt injection, credential theft, data exfiltration, and 6 more threat categories using ATR pattern matching.
- ATR Rules: 61
- Audit Checks: 8
- Scan Time: <3s
RUNTIME
Guard
Once installed, you never have to think about AI security again. Guard watches everything your agents do -- every file they touch, every network call they make, every dependency they install. If something looks wrong, it's blocked before any damage happens.
- Detection Rules: 61
- Detection Layers: 3
- Response Actions: 11
COMMUNITY
Threat Cloud
Anonymous threat intelligence network. When one user detects a threat, the finding is proposed as an ATR rule, reviewed by community + LLM consensus, then distributed to all users. Collective immunity.
- Auto-Generated Rules: 225
- Sync Interval: 1h
- License: MIT
The more people install, the safer everyone gets.
Blocked threats are auto-converted into new detection rules.
Rules are anonymously shared to Threat Cloud for all users.
The more people install, the faster threats are caught. Collective immunity.
24/7 PROTECTION
Done scanning? One command, always protected.
Guard monitors your AI agents in real-time. 61 detection rules. Auto-blocks known threats. Your agent becomes a defender for the entire network.
npx panguard setup
Start with a scan. Stay for the protection.
100% free. 100% open source. MIT licensed.
curl -fsSL https://get.panguard.ai | bash
Every scan makes the community safer. Join the collective defense network.