Skill Detail

Statically scan agent repos for prompt injection and unsafe MCP configs with Agent Audit

Audit agent code, prompts, and MCP configuration for prompt-injection surfaces, taint issues, and unsafe tool exposure before shipping.

Security & Verification | Multi-Framework | Security Reviewed
⭐ 149 GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill statically-scan-agent-repos-for-prompt-injection-and-unsafe-mcp-configs-with-agent-audit
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required
agent-audit, local agent repository or config tree
Install & setup
Install the agent-audit package from the upstream project, point it at an agent repository or config tree, and run the static scan before CI approval or release.
Author
Agent Security Team
Publisher
Individual
Last updated
Apr 14, 2026
Quick brief

Use Agent Audit when you need a focused static security pass over an agent repository before release or deployment. It is not a generic security platform listing and not just another code scanner: its scope is deliberately narrow and built around the operator's workflow. It inspects prompts, agent code, and MCP configs for agent-specific security failures such as prompt-injection surfaces, unsafe tool exposure, and taint-style data flows. That scope makes it a publishable security workflow rather than a plain product card.