aguara

by garagon · Go · ★ 74

Security scanner for AI agent skills and MCP servers. Static analysis, incident response, no LLM. One binary. Detection engine behind oktsec.

#ai-agents#ai-security#claude#data-exfiltration#devsecops#golang#mcp#mcp-server#model-context-protocol#prompt-injection#sast#security#security-scanner#static-analysis#supply-chain-security

Install

go install github.com/garagon/aguara@latest

Claude Desktop config

Add this to your claude_desktop_config.json:

{
  "mcpServers": {
    "aguara": {
      "command": "npx",
      "args": [
        "-y",
        "github:garagon/aguara"
      ]
    }
  }
}

From the README

Aguara Security scanner for AI agent skills and MCP servers. Detect prompt injection, data exfiltration, and supply-chain attacks before they reach production. Installation • Quick Start • How It Works • Usage • Rules • Incident Response • Aguara MCP • Aguara Watch • Contributing https://github.com/user-attachments/assets/851333be-048f-48fa-aaf3-f8cc1d4aa594 AI agents and MCP servers run code on your behalf. A single malicious skill file can exfiltrate credentials, inject prompts, or instal…

Read full README on GitHub →

💡 Need a managed MCP host?

Try Claude Pro for the smoothest MCP experience, or browse our cloud-hosted servers.

Related developer tools servers

everything-claude-code

affaan-m

★ 170,676

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.

Developer Tools · JavaScript