AgentDish directory
security
Accepted listings with this tag.
| Rank | Listing | Description | Category | Score | Trend | Checked |
|---|---|---|---|---|---|---|
| #5 | Snyk Agent Scan | Open-source security scanner for AI agents, MCP servers, and agent skills. It auto-discovers installed agent components and checks them for prompt injection, tool poisoning, secrets, malware payloads, and related risks. | Security / Agent Security | 92 | ↑ +4 | 45 days ago |
| #40 | Bright Security Agent | GitHub Marketplace app from NeuraLegion that scans apps and APIs for vulnerabilities, proposes fixes, and validates remediations inside GitHub workflows. | Security / Application Security | 89 | → 0 | 13 days ago |
| #42 | Redact | Browser extension that scans pastes for credentials and PII before they reach LLM chat sites, with local on-device inference and no network calls. | Developer Tool / Browser Extension | 89 | → 0 | 17 days ago |
| #98 | Recursant | Open-source platform for governing AI agents across clouds and stacks, with a control plane, sidecar-based data plane, policy enforcement, observability, and audit trails. | Developer Tools / AI Infrastructure | 88 | ↓ -3 | 44 days ago |
| #146 | Recursant | Open-source agentic mesh for governing AI agents across enterprise systems, with identity, policy enforcement, audit trails, observability, and Kubernetes-native deployment. | Developer Tools / Code Assistant | 87 | ↓ -3 | 45 days ago |
| #159 | Nenya | An AI API gateway/proxy in Go that sits between coding clients and upstream LLM providers, with request routing, secret redaction, context handling, MCP tool integration, and transparent SSE streaming. | Developer Tools / AI API Gateway / Proxy | 86 | ↑ +2 | 7 days ago |
| #176 | diplomat-agent-ts | A TypeScript static scanner that finds AI agent tool calls with no checks before they can trigger real-world side effects. It supports CLI scanning, JSON output, a generated tool-call registry, and CI/pre-commit enforcement. | Developer Tools / AI Code Analysis | 86 | ↑ +2 | 23 days ago |
| #181 | Aperion Shield v0.7 | Local guardrails for AI coding agents that intercept destructive actions before they execute, now extended to Git hooks for commit and push enforcement. | Developer Tools / AI Coding Guardrails | 86 | ↑ +2 | 25 days ago |
| #193 | badvibes | A zero-config CLI that scans repositories for AI-slop patterns such as missing .env.example files, committed secrets, large files, duplicated code, TODO drift, and missing tests, then returns a Vibe Score from 0 to 100. | Developer Tools / Code Quality | 86 | ↑ +2 | 32 days ago |
| #194 | Beacon | Open-source endpoint telemetry layer for local AI agents. It captures supported activity from tools like Claude Code, Codex CLI, Gemini CLI, OpenCode, Factory Droid, Claude Cowork, and Cursor, then normalizes events for local inspection or forwarding to SIEM pipelines. | Developer Tools / Observability | 86 | ↑ +2 | 32 days ago |
| #249 | HoneyLabs | A honeypot telemetry and threat intelligence service with searchable IP lookups, recent scanner data, and an MCP/JSON-RPC API for agents and developers. | Security / Threat Intelligence | 85 | ↓ -3 | 33 days ago |
| #279 | agent-vault-proxy | A loopback HTTPS proxy that swaps placeholders for real API keys at request time, keeping secrets out of the agent process. It uses Bitwarden Secrets Manager and supports scoped bindings for hosts, methods, and paths. | Developer Tool / Security | 84 | ↓ -6 | 8 days ago |
| #287 | AgentTrust ID | Runtime authorization platform for AI agents with open-source SDKs in Python, TypeScript, Go, Java, and Rust. The page says the hosted service is in production and supports per-action checks, scoped delegation, revocable tokens, and a shared authorization model across MCP tools, agent-to-agent calls, and direct API integr | AI Developer Tool / Agent Security / Authorization | 84 | ↓ -6 | 12 days ago |
| #289 | Sandfence | A minimal native macOS sandbox for running Claude Code or Codex with OS-enforced limits on what the agent can touch. | Developer Tools / Security | 84 | ↓ -6 | 14 days ago |
| #293 | Defending Code Reference Harness | An open-source reference implementation for autonomous vulnerability discovery and remediation with Claude. It includes Claude Code skills for threat modeling, scanning, triage, and patching, plus a harness for running a recon → find → verify → report → patch pipeline. | Security / AI Security | 84 | ↓ -6 | 15 days ago |
| #305 | mcpguard | Open-source security scanner and firewall for MCP servers. It scans configs for common MCP risks, enforces runtime policies on tool calls, and produces audit logs, with CLI commands, policy examples, and a programmatic API. | Developer Tools / Security | 84 | ↓ -6 | 20 days ago |
| #317 | terminal-guardian-mcp | A Model Context Protocol server that gives AI assistants controlled terminal access with risk analysis, sandboxing, logging, filesystem protection, and optional Docker and Git features. | Developer Tools / MCP Servers | 84 | ↓ -6 | 28 days ago |
| #336 | AI Action Path Lab | An interactive lab for tracing how AI-assisted engineering workflows can reach repos, CI/CD, credentials, tools, approvals, and proof trails. | Productivity / Workflow Automation | 84 | ↓ -6 | 37 days ago |
| #360 | Faramesh | Runtime governance and containment for AI agents. Faramesh sits between an agent and its tools to enforce policy checks, approval steps, credential isolation, and tamper-evident audit logs before risky actions execute. | Developer Tools / AI Governance / Agent Security | 84 | ↑ +63 | 45 days ago |
| #375 | Trent AI Claude Code Security | A security product for Claude Code that reviews application architecture inside the IDE via MCP, with contextual assessments, prioritized mitigations, and continuous re-checks as the codebase changes. | AI Security / AI Application Security | 84 | ↑ +118 | 46 days ago |
| #392 | VaultS3 | A self-hosted, S3-compatible object storage server with a built-in dashboard, low RAM usage, and single-binary deployment. The page highlights versioning, WORM, S3 Select, FUSE mount, IAM/OIDC login, search, and event notifications. | Developer Tools / Storage | 83 | ↓ -3 | 12 days ago |
| #417 | Deckard | A Mac-resident MCP server that lets AI agents access Apple services such as Mail, Calendar, iCloud Drive, Voice Memos, Reminders, and Contacts over a Tailscale network with per-token ACLs and audit logging. | Developer Tool / MCP Server | 83 | ↓ -3 | 37 days ago |
| #418 | HookGuard | A CLI security scanner for AI coding agent configuration files. It looks for malicious hooks, invisible Unicode, credential exfiltration patterns, and prompt-injection text in files such as CLAUDE.md, AGENTS.md, Cursor rules, and GitHub Copilot instructions. | Developer Tools / Security | 83 | ↓ -3 | 37 days ago |
| #436 | git-lrc | A Git-based AI code review tool that runs on commit and surfaces risk categories, inline findings, and a summary deck for each review. | Developer Tools / Code Review | 82 | ↓ -2 | 4 days ago |