The agent-security-scanner-mcp MCP tool is one of this issue's featured MCP tools on AI Skill Hub. It scores 8.2 overall, indicating high quality. We strongly recommend adding it to your AI toolkit to improve your productivity.
An MCP security tool built for AI coding agents, providing a prompt-injection firewall, code security scanning and automatic fixes. It supports mainstream AI coding assistants such as Claude Code and Cline, helping developers and enterprises defend against the security risks of AI agents.
The agent-security-scanner-mcp MCP tool is an AI tool extension that follows the MCP (Model Context Protocol) standard. Through MCP, it lets mainstream AI clients such as Claude and Cursor directly access and operate external tools, data sources and services, extending AI capabilities seamlessly. File operations, database queries and API calls can all be triggered in natural language directly within an AI conversation, greatly improving productivity.
# Method 1: one-click install via the Claude Code CLI
claude skill install https://github.com/sinewaveai/agent-security-scanner-mcp
# Method 2: configure claude_desktop_config.json manually
{
"mcpServers": {
"agent-security-scanner-mcp-mcp--": {
"command": "npx",
"args": ["-y", "agent-security-scanner-mcp"]
}
}
}
# Config file location
# macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
# Windows: %APPDATA%/Claude/claude_desktop_config.json
# After installation, use it directly in a Claude conversation
# Example:
#   User: Please use the agent-security-scanner-mcp MCP tool to perform the following task...
#   Claude: [automatically invokes the agent-security-scanner-mcp MCP tool to handle the request]
# List the available tools
# In Claude, type: "List all available MCP tools"
// claude_desktop_config.json example configuration
{
"mcpServers": {
"agent-security-scanner-mcp_mcp__": {
"command": "npx",
"args": ["-y", "agent-security-scanner-mcp"],
"env": {
// "API_KEY": "your-api-key-here"
}
}
}
}
// Restart Claude Desktop after saving for the change to take effect
npx agent-security-scanner-mcp sbom-vulnerabilities .
sbom-vulnerabilities <dir> [--sbom-path <path>] [--verbosity minimal|compact|full]
---
npx agent-security-scanner-mcp scan-security ./app.py --verbosity minimal
check_package → verify each new package name is real, not hallucinated
pip install pyyaml   # required for rule loading
pip install tree-sitter tree-sitter-python tree-sitter-javascript
npm install -g agent-security-scanner-mcp
scan_mcp_server({ server_path: "...", manifest: true, update_baseline: true })
scan_skill({ skill_path: "~/.openclaw/skills/my-skill", baseline: true })
npm install -g agent-security-scanner-mcp
Or use directly with npx — no install required:
npx agent-security-scanner-mcp
| Client | Command |
|---|---|
| Claude Code | npx agent-security-scanner-mcp init claude-code |
| Claude Desktop | npx agent-security-scanner-mcp init claude-desktop |
| Cursor | npx agent-security-scanner-mcp init cursor |
| Windsurf | npx agent-security-scanner-mcp init windsurf |
| Cline | npx agent-security-scanner-mcp init cline |
| Kilo Code | npx agent-security-scanner-mcp init kilo-code |
| OpenCode | npx agent-security-scanner-mcp init opencode |
| Cody | npx agent-security-scanner-mcp init cody |
| **OpenClaw** | npx agent-security-scanner-mcp init openclaw |
| Interactive | npx agent-security-scanner-mcp init |
The init command auto-detects your OS, locates the config file, creates a backup, and adds the MCP server entry. Restart your client after running init.
npx agent-security-scanner-mcp init-hooks
This installs a post-tool-use hook that triggers security scanning after Write, Edit, or MultiEdit operations.
The command adds hooks to ~/.claude/settings.json:
{
"hooks": {
"post-tool-use": [
{
"matcher": "Write|Edit|MultiEdit",
"command": "npx agent-security-scanner-mcp scan-security \"$TOOL_INPUT_file_path\" --verbosity minimal"
}
]
}
}
npx agent-security-scanner-mcp init openclaw
This installs a skill to ~/.openclaw/workspace/skills/security-scanner/.
npx agent-security-scanner-mcp init claude-code
Restart your client after running init. That's it — the scanner is active.
Other clients: replace `claude-code` with `cursor`, `claude-desktop`, `windsurf`, `cline`, `kilo-code`, `opencode`, or `cody`. Run with no argument for interactive client selection.
After installing agent-security-scanner-mcp, the cr-agent CLI is automatically available:
The skill is auto-discovered. Use it by asking:
- "Scan this prompt for security issues"
- "Check if this code is safe to run"
- "Verify these packages aren't hallucinated"
- "Scan this skill before I install it"
---
// Minimal - just counts (~50 tokens)
{ "file_path": "app.py", "verbosity": "minimal" }
// Returns: { "total": 5, "critical": 2, "warning": 3, "message": "Found 5 issue(s)" }
// Compact - actionable info (~200 tokens, default)
{ "file_path": "app.py", "verbosity": "compact" }
// Returns: { "issues": [{ "line": 42, "ruleId": "...", "severity": "error", "fix": "..." }] }
// Full - complete metadata (~2,500 tokens)
{ "file_path": "app.py", "verbosity": "full" }
// Returns: { "issues": [{ ...all fields including CWE, OWASP, references }] }
| Flag | Description | Default |
|---|---|---|
| -p, --provider | LLM provider (anthropic, openai, claude-cli) | anthropic |
| -m, --model | Analysis model | claude-sonnet-4-20250514 / gpt-4o |
| -c, --confidence | Confidence threshold (0-1) | 0.7 |
| -f, --format | Output format (text, json, sarif) | text |
| -v, --verbose | Show reasoning and suggested actions | false |
| --exclude | Patterns to exclude | node_modules dist .git |
| Flag | Description |
|---|---|
| --dry-run | Preview changes without applying |
| --force | Overwrite an existing server entry |
| --path <path> | Use a custom config file path |
| --name <name> | Use a custom server name |
Add to your MCP client config:
{
"mcpServers": {
"security-scanner": {
"command": "npx",
"args": ["-y", "agent-security-scanner-mcp"]
}
}
}
Config file locations:
| Client | Path |
|---|---|
| Claude Desktop (macOS) | ~/Library/Application Support/Claude/claude_desktop_config.json |
| Claude Desktop (Windows) | %APPDATA%\Claude\claude_desktop_config.json |
| Claude Code | ~/.claude/settings.json |
Create a .scannerrc.yaml or .scannerrc.json in your project root to customize scanning behavior:
npx cr-agent analyze ./path/to/project -p claude-cli --verbose
Use the scanner directly from command line (for scripts, CI/CD, or OpenClaw):
```bash
npm install -g clawproof
clawproof scan ./SKILL.md
```
Security Reports: We've scanned all 777 ClawHub skills:
- 69.5% have security issues
- 21.2% have critical vulnerabilities (Grade F - DO NOT INSTALL)
- 30.5% are completely safe (Grade A)
- 4,129 prompt injection patterns detected
See ClawHub Security Dashboard for interactive exploration of all 16,532 skills with searchable security grades and detailed findings.
Detection Capabilities:
- Prompt Injection (15 patterns): "ignore previous instructions", role manipulation
- Jailbreaks (4 patterns): DAN mode, developer mode, pretend scenarios
- Data Exfiltration (2 patterns): External URLs, base64 encoding
- Hidden Instructions (2 patterns): HTML comments, secret directives
Security Grading:
- A (0 points): Safe to install
- B (1-10): Low risk - review findings
- C (11-25): Medium risk - use with caution
- D (26-50): High risk - not recommended
- F (51+): DO NOT INSTALL - critical threats
---
npx agent-security-scanner-mcp sbom-check-hallucinations .
Verify a package name is real and not AI-hallucinated before adding it as a dependency. Use whenever suggesting or installing a new package. Checks against 4.3M+ known packages.
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| package_name | string | Yes | The package name to verify (e.g., "express", "flask") |
| ecosystem | string | Yes | One of: npm, pypi, rubygems, crates, dart, perl, raku |
Example:
// Input — checking a real package
{ "package_name": "express", "ecosystem": "npm" }
// Output
{
"package": "express",
"ecosystem": "npm",
"legitimate": true,
"hallucinated": false,
"confidence": "high",
"recommendation": "Package exists in registry - safe to use"
}
// Input — checking a hallucinated package
{ "package_name": "react-async-hooks-utils", "ecosystem": "npm" }
// Output
{
"package": "react-async-hooks-utils",
"ecosystem": "npm",
"legitimate": false,
"hallucinated": true,
"confidence": "high",
"recommendation": "Do not install. This package name does not exist in the npm registry."
}
---
Scan a code file's imports to detect AI-hallucinated package names. Use after writing code that adds new dependencies, or when reviewing dependency files (package.json, requirements.txt, go.mod, etc.). Checks all imports against 4.3M+ known packages across 7 ecosystems.
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| file_path | string | Yes | Path to the code file or dependency manifest to scan |
| ecosystem | string | Yes | npm, pypi, rubygems, crates, dart, perl, raku |
| verbosity | string | No | "minimal" (counts only), "compact" (default, flagged packages), "full" (all details) |
Example:
// Input
{ "file_path": "src/app.py", "ecosystem": "pypi" }
// Output
{
"file": "src/app.py",
"ecosystem": "pypi",
"total_packages_found": 5,
"legitimate_count": 4,
"hallucinated_count": 1,
"hallucinated_packages": ["flask-async-helpers"],
"legitimate_packages": ["flask", "requests", "sqlalchemy", "pydantic"],
"recommendation": "Found 1 potentially hallucinated package(s): flask-async-helpers"
}
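The scan_packages check above boils down to one idea: every name a file references is looked up in a registry index, and anything not found is reported as possibly hallucinated. The following added example (not the project's own code) implements that logic for a requirements.txt and for Python source, including two edge cases a real check must handle: standard-library modules that are never on a registry, and modules whose import name differs from their distribution name (`yaml` vs. `pyyaml`). `KNOWN_PYPI`, `PY_STDLIB`, `IMPORT_TO_DIST` and both sample files are constructed stand-ins for the scanner's 4.3M-package index and for real project files.

```javascript
// Added example (not the project's own code): flag AI-hallucinated dependency
// names by checking every package a file references against a registry index.
// KNOWN_PYPI is a constructed stand-in for the scanner's 4.3M-package index,
// and both input files below are constructed samples.

const KNOWN_PYPI = new Set(['flask', 'requests', 'sqlalchemy', 'pydantic', 'pyyaml']);

// Import names that are not distributions: the standard library (constructed subset)
// and modules whose import name differs from the distribution name.
const PY_STDLIB = new Set(['os', 'sys', 'json', 're', 'pathlib']);
const IMPORT_TO_DIST = { yaml: 'pyyaml' };

// PEP 503 normalisation so "SQLAlchemy", "sqlalchemy" and "sql_alchemy" compare equal.
function normalizeName(name) {
  return name.toLowerCase().replace(/[-_.]+/g, '-');
}

// Extract distribution names from either a requirements.txt or Python source.
// requirements lines look like "flask>=2.3" or "requests[security]==2.31.0";
// source lines look like "import yaml" or "from pydantic import BaseModel".
function extractPackages(text) {
  const names = new Set();
  for (const raw of text.split('\n')) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const imp = /^(?:import|from)\s+([A-Za-z_][A-Za-z0-9_]*)/.exec(line);
    if (imp) {
      const mod = imp[1];
      if (PY_STDLIB.has(mod)) continue;            // stdlib is not on any registry
      names.add(IMPORT_TO_DIST[mod] ?? mod);       // map import name to distribution
      continue;
    }
    const req = /^([A-Za-z0-9][A-Za-z0-9._-]*)/.exec(line);  // requirement specifier
    if (req) names.add(req[1]);
  }
  return [...names];
}

// Classify each referenced package as registry-backed or unknown (possibly hallucinated).
function scanPackages(text, registry) {
  const found = extractPackages(text);
  const legitimate = [];
  const hallucinated = [];
  for (const name of found) {
    (registry.has(normalizeName(name)) ? legitimate : hallucinated).push(name);
  }
  return {
    total_packages_found: found.length,
    legitimate_count: legitimate.length,
    hallucinated_count: hallucinated.length,
    legitimate_packages: legitimate,
    hallucinated_packages: hallucinated,
    recommendation: hallucinated.length === 0
      ? 'All referenced packages exist in the registry'
      : `Found ${hallucinated.length} potentially hallucinated package(s): ${hallucinated.join(', ')}`,
  };
}

// Constructed sample inputs.
const SAMPLE_REQUIREMENTS = `
# requirements.txt written by a coding agent
flask>=2.3
requests[security]==2.31.0
SQLAlchemy~=2.0
flask-async-helpers
`;

const SAMPLE_SOURCE = `
import os
import yaml
from pydantic import BaseModel
from fastapi_auth_magic import secure
`;

console.log(JSON.stringify(scanPackages(SAMPLE_REQUIREMENTS, KNOWN_PYPI), null, 2));
console.log(JSON.stringify(scanPackages(SAMPLE_SOURCE, KNOWN_PYPI), null, 2));
```

A registry lookup only proves a name exists; it does not prove the package is the one the agent meant, so a name that resolves should still be reviewed before it is installed.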
---
npx agent-security-scanner-mcp check-package flask pypi
npx agent-security-scanner-mcp scan-packages ./requirements.txt pypi
OpenClaw is an autonomous AI assistant with broad system access. This scanner provides security guardrails for OpenClaw users.
scan_security supports SARIF 2.1.0 output for CI/CD integration:
{ "file_path": "src/app.js", "output_format": "sarif" }
Upload results to GitHub Advanced Security or GitLab SAST dashboard.
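For CI integration it helps to see what a SARIF 2.1.0 log actually contains. The added example below (not the project's own code) converts findings shaped like the "compact" verbosity output into a minimal SARIF log: one `reportingDescriptor` per distinct rule, one `result` per finding with its level, message and file/line location. The findings array is constructed, and its rule ids, CWE ids and messages are placeholders rather than the scanner's real rule names.

```javascript
// Added example (not the project's own code): convert scanner findings into a
// SARIF 2.1.0 log that code-scanning dashboards accept. The findings array is
// constructed, and the rule ids, CWE ids and messages in it are placeholders.

const SARIF_SCHEMA = 'https://json.schemastore.org/sarif-2.1.0.json';

// Scanner severities mapped onto the SARIF result levels.
const SARIF_LEVEL = { critical: 'error', error: 'error', warning: 'warning', info: 'note' };

function issuesToSarif(filePath, issues, toolName = 'agent-security-scanner-mcp') {
  const rules = new Map(); // one reportingDescriptor per distinct ruleId
  const results = issues.map((issue) => {
    if (!rules.has(issue.ruleId)) {
      rules.set(issue.ruleId, {
        id: issue.ruleId,
        shortDescription: { text: issue.message },
        // CWE ids go into properties so they survive the round trip
        properties: { tags: ['security'], ...(issue.cwe ? { cwe: issue.cwe } : {}) },
      });
    }
    return {
      ruleId: issue.ruleId,
      level: SARIF_LEVEL[issue.severity] ?? 'warning',
      message: { text: issue.fix ? `${issue.message} Suggested fix: ${issue.fix}` : issue.message },
      locations: [{
        physicalLocation: {
          artifactLocation: { uri: filePath },
          region: { startLine: issue.line },
        },
      }],
    };
  });
  return {
    $schema: SARIF_SCHEMA,
    version: '2.1.0',
    runs: [{
      tool: { driver: { name: toolName, rules: [...rules.values()] } },
      results,
    }],
  };
}

// Constructed findings shaped like the "compact" verbosity output above.
const SAMPLE_ISSUES = [
  { line: 42, ruleId: 'example-eval-call', severity: 'critical', cwe: 'CWE-95',
    message: 'eval() on untrusted input', fix: 'Parse the input instead of evaluating it' },
  { line: 17, ruleId: 'example-hardcoded-secret', severity: 'warning', cwe: 'CWE-798',
    message: 'Hard-coded credential', fix: 'Load the secret from the environment' },
  { line: 58, ruleId: 'example-eval-call', severity: 'critical', cwe: 'CWE-95',
    message: 'eval() on untrusted input' },
];

console.log(JSON.stringify(issuesToSarif('src/app.js', SAMPLE_ISSUES), null, 2));
```

Write the returned object to a `.sarif` file and upload it with your platform's code-scanning action; the `ruleId` and `level` fields are what the dashboard groups and filters on, so keep them stable across runs.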
---
npx agent-security-scanner-mcp sbom-diff . --save-baseline   # first run
npx agent-security-scanner-mcp sbom-diff .                   # subsequent runs
sbom-diff <dir> [--save-baseline] [--baseline-path <path>] [--verbosity minimal|compact|full]
agent-security-scanner-mcp is a security scanning tool designed for AI agent environments. It builds an intent profile (Intent Profiling) by analysing a project's README, dependencies and code structure, and uses dynamic chunking to process large files so that a deep scan completes within the token budget. The tool supports multiple output formats and resolves JS/TS/Python import relationships through a dependency graph, giving effective defence against threats such as prompt injection.
The project's security analysis capabilities include: scanning SBOMs for vulnerabilities against the OSV.dev database; intelligent intent recognition that understands what a project is for; dynamic chunking to optimise token usage; multiple output formats (coloured terminal text, JSON, SARIF 2.1.0); a built-in dependency-graph parser that handles complex JS/TS/Python imports and barrel re-exports; and a defence mechanism against prompt injection.
Running the project requires Node.js >= 18.0.0 and Python 3.x (which drives the analysis engine). PyYAML must be installed via pip to support rule loading, and for enhanced AST (abstract syntax tree) detection it is recommended to install tree-sitter with its corresponding Python plugins (such as tree-sitter-python).
The tool can be installed globally with npm: run `npm install -g agent-security-scanner-mcp`. After installation the built-in `cr-agent` CLI is available automatically. On first install you are prompted to record a trusted baseline (Trusted Baseline) to secure subsequent scans.
Quick start: run `npx agent-security-scanner-mcp init <client-name>` (for example `claude-code`) to initialise your client environment. After initialisation, restart the client for the scanner to take effect. The tool supports multiple clients, including Cursor, Claude Desktop, Windsurf, Cline and Cody. Running it with no argument enters interactive client selection. The `cr-agent` CLI can also be used for project analysis.
Analysis behaviour is configured through CLI flags. Use `-p` or `--provider` to choose the LLM provider (anthropic, openai or claude-cli), `-m` to set the analysis model, and `-c` to set the confidence threshold (0-1). During initialisation, `--dry-run` previews the changes and `--force` overwrites an existing configuration. For MCP clients, the mcpServers entry must be added manually to the configuration file (for example Claude Desktop's config.json).
The project provides a CLI for project analysis. The `npx cr-agent analyze <path>` command performs a deep scan of the project at the given path; notably, when used with `claude-cli` no additional API key needs to be configured. It also provides `sbom-vulnerabilities` for vulnerability scanning and `sbom-check-hallucinations` for detecting hallucinated dependency packages.
The recommended workflow: install the tool with `npm install -g`, then use `cr-agent` to audit the project's security. In ClawHub skill-scanning tests the tool performed well, identifying prompt injection patterns and assigning projects a security grade (Grade A through Grade F), helping developers quickly find and fix AI skills or dependencies with security issues.
fill-ai review: a cutting-edge security tool that fills a gap in AI agent security protection; the code is actively maintained, star growth is steady, and the practical value is high.
AI Skill Hub is a third-party content aggregation platform. The information on this page is compiled from public data and carries no legal endorsement of the tool's functionality or quality.
We recommend validating the tool thoroughly in a sandbox or test environment, with the necessary security assessment, before deploying it to production.
✅ MIT License: one of the most permissive open-source licenses; free to use commercially, modify and distribute, requiring only that the copyright notice be retained.
Overall, the agent-security-scanner-mcp MCP tool performs solidly in the MCP tool category with excellent quality. If you already have a clear use case, try it directly; if you are still evaluating, compare it with similar tools before deciding.
| Field | Value |
|---|---|
| Original name | agent-security-scanner-mcp |
| Original description | Open-source MCP tool: Security scanner MCP server for AI coding agents. Prompt injection firewall, pac. ⭐102 · JavaScript |
| Topics | security protection, prompt injection, agent security, code scanning, auto-fix |
| GitHub | https://github.com/sinewaveai/agent-security-scanner-mcp |
| License | MIT |
| Language | JavaScript |
Added: 2026-05-19 · Updated: 2026-05-19 · License: MIT · AI Skill Hub gives no legal endorsement of the accuracy of third-party content.