Built for securing AI agent workflows, this server scans MCP configurations for misconfigurations and exposed secrets, detects prompt injection across seven attack categories (such as instruction override, identity manipulation, delimiter attacks, and encoded payloads), and audits agent permissions against six role profiles, such as researcher, analyst, and developer. It validates scope contracts to enforce tool allowlists and file access boundaries, scans for 25+ secret patterns (including OpenAI keys, AWS credentials, and database URIs), and checks MCP tool definitions for hidden instructions that could manipulate agent behavior. Reach for this when you're hardening production agent systems or need to catch prompt injections and credential leaks before they cause damage.
claude mcp add --transport stdio io.github.mdfifty50-boop-agent-security -- npx -y agent-security-mcp