affaan-m

AI agent security scanner. Detect vulnerabilities in agent configurations, MCP servers, and tool permissions. Available as CLI, GitHub Action, ECC plugin, and GitHub App integration. 🛡️

Stars: 41
8
Credibility: 100%
Found by GitGems on Feb 12, 2026 at 11 stars (4x growth since).
Language: TypeScript

AI Summary

AgentShield audits AI agent setups for security risks like leaked secrets and loose permissions, offers auto-fixes, secure templates, deep AI analysis, and a sandboxed agent runtime called MiniClaw.

How It Works

1. 🔍 Discover AgentShield: You hear about a tool that checks whether your AI agents are safe from tricks and mistakes.
2. 📁 Point it at your setup: You show it the AI project folder where all the agent instructions live.
3. 📊 Get your safety grade: It reviews everything and gives you a clear report with an A-F letter grade and a list of things to watch out for.
4. 🔧 Fix the easy problems: It offers to automatically patch simple issues so your setup gets stronger right away.
5. 🏗️ Build a safe foundation: You create a ready-to-use secure starting point for new agents.
6. 🤖 Run a protected agent: You launch a sandboxed version of your AI agent that blocks sneaky attacks.

Safe and worry-free: Now your AI works securely, helping you without hidden dangers.

AI-Generated Review

What is agentshield?

AgentShield is a TypeScript security auditor for AI agent configurations. It scans Claude Code setups in your .claude/ directory for secrets, loose permissions, risky hooks, MCP servers, and agent misconfigurations. Run it from the CLI with npx ecc-agentshield scan for instant A-F grades, HTML reports, and auto-fixes for safe-to-fix issues such as hardcoded keys; it also runs as a GitHub Action for security scanning in CI. Bonus: it generates secure baselines with agentshield init and ships MiniClaw, a sandboxed agent runtime demo.

Why is it gaining traction?

It combines 16 static rules (covering secrets, permissions, and similar categories) with optional Claude Opus multi-agent analysis (red team attacks, blue team fixes, auditor verdict) for deeper insight than basic linters. Security alerts surfaced as GitHub annotations, a fail-on-findings mode, and score/grade outputs make it CI-ready, while auto-fixes and JSON, Markdown, and HTML report formats save time on security policy upkeep. Developers appreciate the practical edge it has over generic security projects.

Who should use this?

AI agent builders using Claude Code who clone third-party repos and worry about prompt injection or supply-chain risks in hooks and MCP servers. Security auditors or teams enforcing security policy across monorepos with automated scans. Devs prototyping secure agents with MiniClaw before going to production.

Verdict

Grab it for quick audits of agent configs: the solid CLI and Action make it useful now, even though 10 stars and a 1.0% credibility score signal early days. Docs shine and tests hit 80%+, but production teams should validate the rules against real vulnerabilities first.
