agentbom

vlcak27/agentbom
★ 2 stars · Python · 🔒 Security · Updated 4d ago
Offline static scanner for AI-agent repositories. Maps providers, frameworks, prompts, MCP servers, policy gaps, and reachable capabilities.

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "agentbom": {
      "command": "uvx",
      "args": [
        "agentbom"
      ]
    }
  }
}

Or install with pip: pip install agentbom

README Excerpt

AgentBOM is a local-first pre-commit security guard for AI-agent repositories. AI-agent repos often mix prompts, tool permissions, MCP config, and API keys. AgentBOM gives you a local commit-time check before risky changes enter git.

- Activate once with `agentbom activate`.
- Commit normally.
- Block likely AI/API key leaks and risky agent capabilities.

Tools (4)

audit, confirm, safe, strict

Topics

agent-security, ai-agents, ai-security, cli, mcp, model-context-protocol, python, sarif, sbom, security-tools, static-analysis