JSPM

  • License AGPL-3.0

Security scanner for AI packages — MCP server + CLI

Package Exports

  • agentaudit
  • agentaudit/index.mjs

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (agentaudit) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

🛡️ AgentAudit

Security scanner for AI packages

Scan MCP servers, agent skills, and AI tools for vulnerabilities.
MCP server for agents + standalone CLI for humans.



Quick Start

npx agentaudit discover

That's it. Finds all MCP servers on your machine and checks them against the security registry.

AgentAudit v3.2.0
  Security scanner for AI packages

•  Scanning Claude Desktop  ~/.claude/mcp.json    found 2 servers

├──  fastmcp-demo       npm:fastmcp
│    SAFE  Risk 0  ✔ official  https://agentaudit.dev/skills/fastmcp
└──  my-tool            npm:some-mcp-tool
     ⚠ not audited      Run: agentaudit audit <source-url>

────────────────────────────────────────────────────────
  Summary  2 servers across 1 config

  ✔  1 audited
  ⚠  1 not audited

Install

npm install -g agentaudit    # global install
# or use directly:
npx agentaudit <command>

Commands

Command        What it does                                   Speed
discover       Find local MCP servers + check registry        ⚡ instant
check <name>   Look up a package in the registry              ⚡ instant
scan <url>     Quick static analysis (regex-based, local)     🔵 ~2s
audit <url>    Deep LLM-powered security audit                🔴 ~30s
setup          Register + configure API key                   interactive

scan vs audit

                     scan                      audit
How                  Regex pattern matching    LLM 3-pass: UNDERSTAND → DETECT → CLASSIFY
Speed                ~2 seconds                ~30 seconds
Depth                Surface-level patterns    Semantic code understanding
Needs LLM API key    No                        Yes (ANTHROPIC_API_KEY or OPENAI_API_KEY)
Uploads to registry  No                        Yes (with agentaudit setup)

Examples

# Discover all MCP servers on your machine
npx agentaudit discover

# Quick static scan
npx agentaudit scan https://github.com/owner/repo

# Deep LLM-powered audit
export ANTHROPIC_API_KEY=sk-ant-...
npx agentaudit audit https://github.com/owner/repo

# Export code + audit prompt for manual LLM review
npx agentaudit audit https://github.com/owner/repo --export

# Registry lookup
npx agentaudit check fastmcp

# Register for an API key (free)
npx agentaudit setup

MCP Server

Add AgentAudit to your AI editor. Your agent gets 4 tools:

MCP Tool           Description
discover_servers   Find all locally installed MCP servers, check registry status
audit_package      Clone a repo → return source code + audit prompt → you analyze → submit_report
submit_report      Upload your audit report to agentaudit.dev
check_package      Quick registry lookup for a package

Setup

One-line config — works with npx, no manual clone needed:

Claude Desktop (~/.claude/mcp.json):

{
  "mcpServers": {
    "agentaudit": {
      "command": "npx",
      "args": ["-y", "agentaudit"]
    }
  }
}

Cursor (.cursor/mcp.json):

{
  "mcpServers": {
    "agentaudit": {
      "command": "npx",
      "args": ["-y", "agentaudit"]
    }
  }
}

Windsurf (~/.codeium/windsurf/mcp_config.json):

{
  "mcpServers": {
    "agentaudit": {
      "command": "npx",
      "args": ["-y", "agentaudit"]
    }
  }
}

How an audit works via MCP

You: "Audit the blender-mcp server"
                ↓
Agent calls discover_servers → finds blender-mcp
                ↓
Agent calls check_package("blender-mcp") → not in registry
                ↓
Agent calls audit_package("https://github.com/user/blender-mcp")
                ↓
MCP server clones repo, returns source code + audit methodology
                ↓
Agent's LLM analyzes code (3-pass: UNDERSTAND → DETECT → CLASSIFY)
                ↓
Agent calls submit_report(findings_json)
                ↓
Report published at agentaudit.dev/skills/blender-mcp

Authentication

Run npx agentaudit setup once. Both CLI and MCP server find credentials automatically:

  1. AGENTAUDIT_API_KEY environment variable
  2. ~/.config/agentaudit/credentials.json (created by setup)

discover, scan, and check work without a key. Only audit/submit_report need one.


What it detects

Static scan (scan)

  • 🔴 Prompt injection & tool poisoning
  • 🔴 Shell command injection
  • 🔴 SQL injection
  • 🔴 Unsafe deserialization (pickle, YAML)
  • 🟡 Hardcoded secrets
  • 🟡 SSL/TLS verification disabled
  • 🟡 Path traversal
  • 🔵 Wildcard CORS
  • 🔵 Undisclosed telemetry
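What a regex-based static pass of this kind looks like, as an added example that is not agentaudit's own scanner or pattern list: a few rules for categories from the list above, run line by line over a constructed Python snippet. Rule ids, severities and the sample input are illustrative.

```javascript
// Added example, not agentaudit's own scanner or pattern list. A handful of
// regex rules for categories the static scan covers, with the severity tiers
// the README uses (high / medium / low). Sample input below is constructed.
const RULES = [
  { id: "shell-injection",    severity: "high",   re: /subprocess\.\w+\([^)]*shell\s*=\s*True/ },
  // pickle.load(s) is always flagged; yaml.load is flagged only without an explicit Loader
  { id: "unsafe-deserialize", severity: "high",   re: /\bpickle\.loads?\(|\byaml\.load\((?![^)]*Loader)/ },
  { id: "hardcoded-secret",   severity: "medium", re: /(?:api[_-]?key|secret|token)\s*=\s*["'][A-Za-z0-9_\-]{16,}["']/i },
  { id: "tls-verify-off",     severity: "medium", re: /verify\s*=\s*False|rejectUnauthorized\s*:\s*false/ },
  { id: "wildcard-cors",      severity: "low",    re: /Access-Control-Allow-Origin["']?\s*[:,]\s*["']\*["']/ },
];

// Scan source text line by line; findings come back in line order, one per
// rule hit, so a single line can produce several findings.
function scanSource(source) {
  const findings = [];
  source.split("\n").forEach((text, idx) => {
    for (const rule of RULES) {
      if (rule.re.test(text)) {
        findings.push({ line: idx + 1, id: rule.id, severity: rule.severity, text: text.trim() });
      }
    }
  });
  return findings;
}

// Constructed sample (not code from any real package). The last line is a
// safe yaml.load call that must NOT be flagged.
const SAMPLE = `import pickle, subprocess, requests
API_KEY = "sk-constructed-example-0123456789"
def run(cmd):
    return subprocess.run(cmd, shell=True)
def load(blob):
    return pickle.loads(blob)
requests.get(url, verify=False)
headers = {"Access-Control-Allow-Origin": "*"}
safe = yaml.load(stream, Loader=yaml.SafeLoader)
`;

for (const f of scanSource(SAMPLE)) {
  console.log(`${f.severity.padEnd(6)} L${f.line} ${f.id}: ${f.text}`);
}
```

Regex rules like these are cheap and local, which is why the README puts scan at ~2 seconds; the trade-off is that a pattern sees one line at a time and cannot follow a value across files, which is what the deep audit pass is for.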

Deep audit (audit / MCP audit_package)

Everything above, plus:

  • 🔴 Multi-file attack chains (credential harvest → exfiltration)
  • 🔴 Agent manipulation (impersonation, capability escalation, jailbreaks)
  • 🔴 MCP-specific: tool description injection, resource traversal, unpinned npx
  • 🟡 Persistence mechanisms (crontab, shell RC, git hooks, systemd)
  • 🟡 Obfuscation (base64 exec, zero-width chars, ANSI escapes)
  • 🟡 Context pollution & indirect prompt injection

50+ detection patterns across 8 categories.


Requirements

  • Node.js 18+
  • Git (for cloning repos)

  • agentaudit.dev — Trust registry with 400+ audit reports
  • agentaudit-skill — Full agent skill with gate scripts, detection patterns & peer review system

License

AGPL-3.0