Built for AI coding agents that need security guardrails without slowing down. Exposes 18+ MCP tools including scan_security for vulnerability detection across 12 languages, fix_security for auto-remediation, and check_package to catch hallucinated dependencies against 4.3M+ real packages. The scan_agent_prompt tool blocks prompt injection before your agent acts on untrusted input, while scan_agent_action pre-checks bash commands and file operations. Includes SBOM generation with CycloneDX export, OSV.dev CVE scanning, and LLM-powered semantic code review that understands project intent. Comes in two flavors: a lightweight 81KB pure-regex scanner for speed, or the full version with AST analysis and taint tracking. Integrates with Claude Desktop, Cursor, and OpenClaw for real-time security checks during agentic workflows.
claude mcp add --transport stdio sinewaveai-agent-security-scanner-mcp uvx agent-security-scanner-mcp