Security scanner that runs inside the MCP protocol to check agent content before execution. Exposes four tools: scan_content for analyzing skills, READMEs, and tool definitions against 219 detection rules covering prompt injection, credential leaks, and exfiltration patterns; check_mcp_config for vetting server configurations from Claude Desktop or Cursor before you add them; list_rules and explain_rule for browsing the detection catalog. All scanning happens locally with no LLM calls or network access. The scanner imports Aguara as a Go library and runs in-process, returning structured verdicts with severity ratings and remediation guidance. Sensitive matches get redacted in responses. Useful when your agent is installing third-party MCP servers or evaluating untrusted tool descriptions and you want a security review before the agent acts on them.