Agent Scan
Active
Description
Security scanner for AI agents, MCP servers, and agent skills by Snyk — detect and fix security vulnerabilities before deployment.
Key Features
- Auto-discover MCP configurations, agent tools, and skills across multiple agents
- Detect 15+ security risks: prompt injection, tool poisoning, toxic flows, malware
- Scans Claude, Cursor, Windsurf, Gemini CLI, Amp, Amazon Q and other agents
- Background mode for enterprise-wide agent supply chain monitoring via Snyk Evo
- Interactive consent for MCP server execution with sandbox recommendations
- Supports macOS, Linux, and Windows with per-agent capability matrix
Quick Start
1. Sign up at snyk.io and get an API token
2. Set the token in your environment: export SNYK_TOKEN=your-api-token-here
3. Install uv (https://docs.astral.sh/uv/)
4. Run full scan: uvx snyk-agent-scan@latest
5. Scan specific config: uvx snyk-agent-scan@latest ~/.vscode/mcp.json
6. Scan skills: uvx snyk-agent-scan@latest ~/path/to/skills