
Security scanner and hardener for agentic AI installations — OpenClaw, MCP servers, and AI agent skill ecosystems

Project description

agentsec — AI Agent Security Scanner


Security scanner and hardener for agentic AI installations.

agentsec focuses on practical misconfigurations and supply-chain risk in:

  • OpenClaw installations
  • MCP server configurations and code
  • Agent skill/plugin ecosystems
  • Credential exposure in local files

All findings map to the OWASP Top 10 for Agentic Applications (2026).

Quick Start

pip install agentsec-ai
agentsec scan

Scan a specific installation:

agentsec scan ~/.openclaw

What agentsec checks

Module        Scope
installation  Gateway exposure, auth posture, DM/group policy, tool/sandbox settings, SSRF and safety checks, known CVE version checks, sensitive file/dir permissions
skill         Instruction malware, risky code patterns (eval/exec/subprocess), prompt-injection patterns, frontmatter capability risk, dependency/install-hook risk
mcp           Tool poisoning patterns, auth gaps on remote endpoints, dangerous schema/permissions, unverified npx usage
credential    16 provider-specific secret patterns, high-entropy detection, git credential leakage
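To make the mcp and credential rows concrete, here is an added illustration (written for this page, not agentsec's own scanner code) of three of the listed check types run over a constructed MCP client config: an npx launch without a pinned version, a remote endpoint configured over plain http:// or without an Authorization header, and a high-entropy string sitting in an env or header value. The `mcpServers` layout with `command`/`args`/`env` or `url`/`headers` is an assumption modelled on common MCP client configs; the rule names, thresholds, and the sample config are all constructed here.

```python
import json
import math
from collections import Counter

# Constructed sample MCP client config (not from the project); one server per
# condition the checks below are meant to surface.
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "fs": {"command": "npx", "args": ["-y", "@example/fs-server"],
               "env": {"FS_ROOT": "/tmp"}},
        "pinned": {"command": "npx", "args": ["-y", "@example/fs-server@1.2.3"]},
        "remote": {"url": "http://mcp.example.internal:8080/sse"},
        "remote_ok": {"url": "https://mcp.example.com/sse",
                      "headers": {"Authorization": "Bearer ghp_..."}},
        "leaky": {"command": "python", "args": ["server.py"],
                  "env": {"API_KEY": "sk_live_9f8A7b6C5d4E3f2G1h0IjKlMnOpQrStU"}},
    }
})

MIN_SECRET_LEN = 20      # shorter strings rarely carry enough entropy to matter
ENTROPY_THRESHOLD = 3.5  # bits per character; hex/base64-like tokens land above this


def shannon_entropy(s):
    """Bits of entropy per character of s (0.0 for empty or single-symbol strings)."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def npx_package_is_pinned(args):
    """True if the first non-flag npx argument carries an explicit @version."""
    for a in args:
        if a.startswith("-"):
            continue                               # skip flags such as -y / --yes
        body = a[1:] if a.startswith("@") else a   # drop the scope marker of @scope/name
        return "@" in body                         # anything left is name@version
    return False                                   # nothing to run: treat as unpinned


def check_mcp_config(text):
    """Return a list of {server, rule, detail} findings for a JSON MCP client config."""
    findings = []
    cfg = json.loads(text)
    for name, srv in cfg.get("mcpServers", {}).items():
        def add(rule, detail):
            findings.append({"server": name, "rule": rule, "detail": detail})

        # Unverified npx usage: the package is resolved to whatever is latest at launch.
        if srv.get("command") == "npx" and not npx_package_is_pinned(srv.get("args", [])):
            add("unpinned-npx", "npx resolves the latest published version at launch; pin name@version")

        # Auth gaps / transport on remote endpoints.
        url = srv.get("url")
        if url:
            if url.startswith("http://"):
                add("plaintext-transport", "remote MCP endpoint over http://; tool calls and tokens cross the wire unencrypted")
            header_names = {h.lower() for h in srv.get("headers", {})}
            if "authorization" not in header_names:
                add("missing-auth", "remote endpoint configured without an Authorization header")

        # High-entropy detection over env and header values.
        for source in ("env", "headers"):
            for key, val in srv.get(source, {}).items():
                if isinstance(val, str) and len(val) >= MIN_SECRET_LEN \
                        and shannon_entropy(val) >= ENTROPY_THRESHOLD:
                    add("high-entropy-secret", f"{source}.{key} looks like a hard-coded credential")
    return findings


if __name__ == "__main__":
    for f in check_mcp_config(SAMPLE_CONFIG):
        print(f"[{f['rule']}] {f['server']}: {f['detail']}")
```

Entropy alone is a coarse signal: the length floor keeps short flags and paths out, and a real scanner pairs it with provider-specific prefixes (the 16 patterns the table mentions) to cut false positives on things like base64-encoded config blobs.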

Reference catalog:

Core Commands

# Full scan
agentsec scan

# JSON output for CI
agentsec scan -o json -f report.json

# SARIF for GitHub Code Scanning
agentsec scan -o sarif -f results.sarif

# Run only selected scanners
agentsec scan -s installation,mcp

# Control CI failure threshold
agentsec scan --fail-on critical

# Hardening preview (default: preview only)
agentsec harden -p workstation

# Apply hardening profile
agentsec harden -p workstation --apply

# Watch mode
agentsec watch ~/.openclaw -i 2

# Pre-install security gate
agentsec gate npm install some-skill

List available scanners:

agentsec list-scanners

Hardening Profiles

Profile     Intended use
workstation Single-owner local usage
vps         Remote/self-hosted deployment
public-bot  Highest restriction for untrusted public input

Use agentsec show-profile <name> to inspect exact changes before applying.

Output and Exit Codes

Output formats:

  • terminal (default)
  • json
  • sarif

Exit codes:

  • 0: no findings at/above threshold
  • 1-127: count of findings at/above threshold (capped at 127)
  • 2: runtime/usage error

Note that, as listed, status 2 is shared by "two findings at/above threshold" and "runtime/usage error". A CI step that needs to tell the two apart should read the JSON or SARIF report rather than rely on the exit status alone.
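Because the exit status is ambiguous at 2 and saturates at 127, a CI gate is better driven from the SARIF artifact. The following is an added example written for this page, not agentsec's own code: it reads a SARIF 2.1.0 document (standard `runs[].results[]` with `ruleId` and `level`), derives a severity from the GitHub Code Scanning `security-severity` rule property where present (9.0+ critical, 7.0+ high, 4.0+ medium, else low) and from the SARIF level otherwise, and applies a `--fail-on`-style threshold. Whether agentsec populates `security-severity` is an assumption, and the rule IDs and results in the sample document are constructed.

```python
import json

SEVERITY_ORDER = ["low", "medium", "high", "critical"]


def score_to_severity(score):
    """Map a GitHub `security-severity` score (0.0-10.0) to a named bucket."""
    score = float(score)
    if score >= 9.0:
        return "critical"
    if score >= 7.0:
        return "high"
    if score >= 4.0:
        return "medium"
    return "low"


# Fallback when a rule carries no score: map the SARIF result level instead.
LEVEL_FALLBACK = {"error": "high", "warning": "medium", "note": "low", "none": "low"}


def result_severities(sarif):
    """Return [(ruleId, severity)] for every result in every run of a parsed SARIF log."""
    out = []
    for run in sarif.get("runs", []):
        rules = {r["id"]: r for r in run.get("tool", {}).get("driver", {}).get("rules", [])}
        for res in run.get("results", []):
            rule = rules.get(res.get("ruleId"), {})
            score = rule.get("properties", {}).get("security-severity")
            if score is not None:
                sev = score_to_severity(score)
            else:
                sev = LEVEL_FALLBACK.get(res.get("level", "warning"), "medium")
            out.append((res.get("ruleId"), sev))
    return out


def gate(sarif_text, fail_on):
    """Return (exit_status, offending results): status 1 if any result is at/above fail_on."""
    if fail_on not in SEVERITY_ORDER:
        raise ValueError(f"fail_on must be one of {SEVERITY_ORDER}")
    threshold = SEVERITY_ORDER.index(fail_on)
    hits = [(rid, sev) for rid, sev in result_severities(json.loads(sarif_text))
            if SEVERITY_ORDER.index(sev) >= threshold]
    return (1 if hits else 0), hits


# Constructed SARIF 2.1.0 document for demonstration; not real scanner output.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-scanner", "rules": [
            {"id": "MCP-AUTH-001", "properties": {"security-severity": "9.5"}},
            {"id": "SKILL-EVAL-002", "properties": {"security-severity": "5.0"}},
            {"id": "CRED-ENV-003"},   # no score: falls back to the result level
        ]}},
        "results": [
            {"ruleId": "MCP-AUTH-001", "level": "error",
             "message": {"text": "remote MCP endpoint without auth"}},
            {"ruleId": "SKILL-EVAL-002", "level": "warning",
             "message": {"text": "eval() in skill code"}},
            {"ruleId": "CRED-ENV-003", "level": "error",
             "message": {"text": "API key in env file"}},
        ],
    }],
})

if __name__ == "__main__":
    import sys
    status, hits = gate(SAMPLE_SARIF, "high")
    for rid, sev in hits:
        print(f"{sev:8} {rid}")
    sys.exit(status)   # a single, unambiguous pass/fail for the CI runner
```

Run with `agentsec scan -o sarif -f results.sarif` first and feed the file's contents to `gate`; the exit status is then a clean 0/1 independent of how many findings there are.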

GitHub Actions

Use the bundled composite action. The example below pins it to a release tag; for a tighter supply chain, pin `uses:` to the commit SHA of that release instead of the mutable tag. `security-events: write` is required only for the SARIF upload.

name: Agent Security
on: [push, pull_request]

jobs:
  agentsec:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write
    steps:
      - uses: actions/checkout@v4
      - uses: debu-sinha/agentsec@v0.4.1
        with:
          fail-on: high
          output: sarif
          upload-sarif: 'true'

Action definition:

Screenshots (captions only)

Step 1: Scan an insecure installation
  agentsec scan — insecure installation

Step 2: Apply hardening profile
  agentsec harden — workstation profile applied

Step 3: Re-scan after hardening (14 findings remain — credentials need manual rotation)
  agentsec scan — after hardening, findings view
  agentsec scan — after hardening, OWASP posture

Benchmarks and Studies

Current checked-in Top-50 summary data:

  • docs/benchmarks/top50/reports/top50_summary_20260215.json
  • docs/benchmarks/top50/reports/top50_findings_20260215.jsonl

Reproducibility

Fixture benchmark:

python docs/benchmarks/run_benchmark.py

Top-50 study repro:

powershell -ExecutionPolicy Bypass -File scripts\reproduce_top50_study.ps1 -DateStamp 20260215

Note: semgrep and gitleaks baseline runs are optional in the PowerShell repro script and require those tools on PATH.

Adversarial consistency audit (docs vs artifacts):

python scripts/repo_consistency_audit.py

Case Studies

Launch Evidence

Development

git clone https://github.com/debu-sinha/agentsec.git
cd agentsec
pip install -e ".[dev]"
ruff check src tests
pytest

Contribution guide:

Security policy:

License

Apache-2.0

Download files


Source Distribution

agentsec_ai-0.4.1.tar.gz (594.7 kB view details)

Uploaded Source

Built Distribution


agentsec_ai-0.4.1-py3-none-any.whl (85.9 kB view details)

Uploaded Python 3

File details

Details for the file agentsec_ai-0.4.1.tar.gz.

File metadata

  • Download URL: agentsec_ai-0.4.1.tar.gz
  • Size: 594.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for agentsec_ai-0.4.1.tar.gz
Algorithm Hash digest
SHA256 d8d254231e4be2f24b9dfc335a2efc06c4ff7744260ebe32006fe29dc4ccf26b
MD5 3ed25812822e277659ffc90c22d29146
BLAKE2b-256 47c07a8fa5bc64a5366338ae90677a27aa2395c7341ad7dd729de73647580163


Provenance

The following attestation bundles were made for agentsec_ai-0.4.1.tar.gz:

Publisher: publish.yml on debu-sinha/agentsec


File details

Details for the file agentsec_ai-0.4.1-py3-none-any.whl.

File metadata

  • Download URL: agentsec_ai-0.4.1-py3-none-any.whl
  • Size: 85.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for agentsec_ai-0.4.1-py3-none-any.whl
Algorithm Hash digest
SHA256 5503bd0fc5209a17bb7fc1f1940a40edaecce66fa17b1c56c09e9a5227e9b8a6
MD5 b5e760304a104742fa01e1a0d4b1e4bb
BLAKE2b-256 f9551967a0341e61d047db0fa232dc7ed70ab6254053656faa330bfa28158527


Provenance

The following attestation bundles were made for agentsec_ai-0.4.1-py3-none-any.whl:

Publisher: publish.yml on debu-sinha/agentsec
