AgentDish directory
security
Accepted listings with this tag.
| Listing | Category | Score | Trend | Checked | |
|---|---|---|---|---|---|
|
#6
↑ +5
Snyk Agent Scan
Open-source security scanner for AI agents, MCP servers, and agent skills. It auto-discovers installed agent components and checks them for prompt injection, tool poisoning, secrets, malware payloads, and related risks. |
Security / Agent Security | 92 | ↑ +5 | 72 days ago | Details |
|
#64
→ 0
TakoVM
Open-source sandboxing and secure file system for agent code execution, with built-in job queues, execution history, retries, Docker isolation, and optional gVisor hardening. |
Developer Tools / Agent Infrastructure | 89 | → 0 | 16 days ago | Details |
|
#73
→ 0
Bright Security Agent
GitHub Marketplace app from NeuraLegion that scans apps and APIs for vulnerabilities, proposes fixes, and validates remediations inside GitHub workflows. |
Security / Application Security | 89 | → 0 | 40 days ago | Details |
|
#75
→ 0
Redact
Browser extension that scans pastes for credentials and PII before they reach LLM chat sites, with local on-device inference and no network calls. |
Developer Tool / Browser Extension | 89 | → 0 | 44 days ago | Details |
|
#99
↓ -3
clawk
Disposable, network-restricted Linux VMs for AI coding agents. The project is built for letting coding agents install packages, run tests, use system tools, and work inside an isolated machine instead of the host laptop. |
Developer Tools / AI Coding | 88 | ↓ -3 | 4 days ago | Details |
|
#105
↓ -3
reins
Local browser-control tool that lets coding agents drive a signed-in Chromium browser through a CLI, daemon, and extension. |
Developer Tools / Code Assistant | 88 | ↓ -3 | 9 days ago | Details |
|
#167
↓ -3
Recursant
Open-source platform for governing AI agents across clouds and stacks, with a control plane, sidecar-based data plane, policy enforcement, observability, and audit trails. |
Developer Tools / AI Infrastructure | 88 | ↓ -3 | 71 days ago | Details |
|
#206
↓ -4
Cloak
Cloak is a local secrets vault for AI agents that lets them use API keys without exposing the raw key to the model. The repo shows a CLI, local daemon, MCP server, policy controls, and quickstart commands for connecting with AI clients. |
Developer Tools / Security / Secrets Management | 87 | ↓ -4 | 26 days ago | Details |
|
#242
↓ -3
Recursant
Open-source agentic mesh for governing AI agents across enterprise systems, with identity, policy enforcement, audit trails, observability, and Kubernetes-native deployment. |
Developer Tools / Code Assistant | 87 | ↓ -3 | 72 days ago | Details |
|
#256
↑ +2
Confessor
A local CLI for replaying what AI coding agents accessed on your machine, including file reads, secrets that entered context, and possible read-then-network-call exposure paths. It also scans exported ChatGPT, Claude, and Gemini histories for sensitive data. |
Developer Tools / Security | 86 | ↑ +2 | 5 days ago | Details |
|
#280
↑ +2
Bulwark
Kernel-level read gate for AI coding agents that blocks protected file reads before bytes reach the agent, with Linux fanotify and macOS Endpoint Security support. |
Security / Developer Security Tool | 86 | ↑ +2 | 17 days ago | Details |
|
#302
↑ +2
Nenya
An AI API gateway/proxy in Go that sits between coding clients and upstream LLM providers, with request routing, secret redaction, context handling, MCP tool integration, and transparent SSE streaming. |
Developer Tools / AI API Gateway / Proxy | 86 | ↑ +2 | 34 days ago | Details |
|
#319
↑ +2
diplomat-agent-ts
A TypeScript static scanner that finds AI agent tool calls with no checks before they can trigger real-world side effects. It supports CLI scanning, JSON output, a generated tool-call registry, and CI/pre-commit enforcement. |
Developer Tools / AI Code Analysis | 86 | ↑ +2 | 50 days ago | Details |
|
#324
↑ +2
Aperion Shield v0.7
Local guardrails for AI coding agents that intercept destructive actions before they execute, now extended to Git hooks for commit and push enforcement. |
Developer Tools / AI Coding Guardrails | 86 | ↑ +2 | 52 days ago | Details |
|
#336
↑ +2
badvibes
A zero-config CLI that scans repositories for AI-slop patterns like missing .env.example files, committed secrets, large files, duplicated code, TODO drift, and missing tests, then returns a Vibe Score from 0 to 100. |
Developer Tools / Code Quality | 86 | ↑ +2 | 59 days ago | Details |
|
#337
↑ +2
Beacon
Beacon is an open-source endpoint telemetry layer for local AI agents. It captures supported activity from tools like Claude Code, Codex CLI, Gemini CLI, OpenCode, Factory Droid, Claude Cowork, and Cursor, then normalizes events for local inspection or forwarding to SIEM pipelines. |
Developer Tools / Observability | 86 | ↑ +2 | 59 days ago | Details |
|
#368
↓ -3
Toolport
Local-first MCP gateway that lets multiple AI clients share one server setup, with lazy tool discovery to reduce token usage and built-in tool integrity and quarantine controls. |
Developer Tools / MCP / AI Infrastructure | 85 | ↓ -3 | 44 hours ago | Details |
|
#385
↓ -3
Exfault
Exfault is an autonomous Android security testing tool that uses AI agents, static analysis, dynamic analysis, authenticated workflows, and cloud emulators to produce reproducible findings and reports. |
Security / Mobile Security | 85 | ↓ -3 | 18 days ago | Details |
|
#415
↓ -3
HoneyLabs
A honeypot telemetry and threat intelligence service with searchable IP lookups, recent scanner data, and an MCP/JSON-RPC API for agents and developers. |
Security / Threat Intelligence | 85 | ↓ -3 | 60 days ago | Details |
|
#435
↓ -6
B.I.O.M.A. Framework
A local Rust-plus-Python middleware layer for LLM apps that claims to reduce token usage and add in-process security checks before prompts are sent to a provider. |
Developer Tool / LLM middleware | 84 | ↓ -6 | 20 hours ago | Details |
|
#512
↓ -6
agent-vault-proxy
A loopback HTTPS proxy that swaps placeholders for real API keys at request time, keeping secrets out of the agent process. It uses Bitwarden Secrets Manager and supports scoped bindings for hosts, methods, and paths. |
Developer Tool / Security | 84 | ↓ -6 | 35 days ago | Details |
|
#520
↓ -6
AgentTrust ID
Runtime authorization platform for AI agents with open-source SDKs in Python, TypeScript, Go, Java, and Rust. The page says the hosted service is in production, supports per-action checks, scoped delegation, revocable tokens, and a shared authorization model across MCP tools, agent-to-agent calls, and direct API integr |
AI Developer Tool / Agent Security / Authorization | 84 | ↓ -6 | 39 days ago | Details |
|
#522
↓ -6
Sandfence
A minimal native macOS sandbox for running Claude Code or Codex with OS-enforced limits on what the agent can touch. |
Developer Tools / Security | 84 | ↓ -6 | 41 days ago | Details |
|
#526
↓ -6
Defending Code Reference Harness
An open-source reference implementation for autonomous vulnerability discovery and remediation with Claude. It includes Claude Code skills for threat modeling, scanning, triage, patching, plus a harness for running a recon → find → verify → report → patch pipeline. |
Security / AI Security | 84 | ↓ -6 | 42 days ago | Details |