Harness configuration risk
Review CLAUDE.md, AGENTS.md, rules files, and prompt scaffolding for unsafe defaults and broken permission boundaries.
Security
AgentShield gives teams a reviewable security layer for agent configs.
Scan CLAUDE.md, .cursorrules, agents.json, hooks, and MCP surfaces before unsafe patterns spread across a team. Start with the open scanner, then add automated PR review, policy packs, and rollout reporting as the org surface grows.
102 rules across 5 categories
CLI, npm package, and GitHub Marketplace action
Open scanner with automation on top
Risk surfaces
What teams are actually trying to control.
The highest-value issues are usually structural: unsafe defaults, copied prompt context, broad tool permissions, and MCP or hook behavior that quietly expands what the system can do.
Foreign-data suspicion
Flag risky copied text, issue content, external instructions, and context sources that should never be trusted by default.
Tooling and MCP exposure
Separate legitimate automation from dangerous hook, tool, or MCP behavior before it becomes a team-wide standard.
| Layer | Open source | Paid / enterprise |
|---|---|---|
| Scanning engine | AgentShield CLI, npm package, and visible rule set | Automated PR scanning, baselines, and historical findings |
| Policy | Community rules and reviewable findings | Custom policies, reporting, audit trails, and governance controls |
| Rollout | Self-serve adoption through docs, repo installs, and examples | Hands-on onboarding, training, and organization-wide rollout support |
Open scanner
Review the scanner locally, inspect what it checks, and run it inside your own workflow before you automate it more deeply.
Rollout surface
Add automated PR review, policy packs, reporting, and governance once the team needs consistent enforcement across repositories.
Start with ECC
Move from OSS discovery to repo-native rollout.
The ECC model stays additive: open-source distribution first, GitHub App automation when repository workflows matter, and enterprise support when the organization needs policy, rollout help, and governance.
140K+ stars
Public repos free
AgentShield protection layer