agentshieldMCP Server40/100 via “hardcoded secrets detection with multi-provider pattern matching”
AI agent security scanner. Detect vulnerabilities in agent configurations, MCP servers, and tool permissions. Available as CLI, GitHub Action, ECC plugin, and GitHub App integration. 🛡️
Unique: Combines provider-specific pattern matching (Anthropic sk-*, OpenAI sk-*, AWS AKIA*) with entropy-based anomaly detection to catch both well-known secret formats and custom tokens; integrates with AgentShield's Finding system to provide context-aware remediation (e.g., 'use ANTHROPIC_API_KEY environment variable instead')
vs others: More targeted for agent configurations than generic secret scanners (git-secrets, Snyk) because it understands where secrets appear in MCP server definitions and hook configurations, not just source code