AgentDish directory

security

Accepted listings with this tag.

Listing Category Score Trend Checked
#6 ↑ +5
Snyk Agent Scan

Open-source security scanner for AI agents, MCP servers, and agent skills. It auto-discovers installed agent components and checks them for prompt injection, tool poisoning, secrets, malware payloads, and related risks.

Security / Agent Security 92 ↑ +5 72 days ago Details
#64 → 0
TakoVM

Open-source sandboxing and secure file system for agent code execution, with built-in job queues, execution history, retries, Docker isolation, and optional gVisor hardening.

Developer Tools / Agent Infrastructure 89 → 0 16 days ago Details

GitHub Marketplace app from NeuraLegion that scans apps and APIs for vulnerabilities, proposes fixes, and validates remediations inside GitHub workflows.

Security / Application Security 89 → 0 40 days ago Details
#75 → 0
Redact

Browser extension that scans pastes for credentials and PII before they reach LLM chat sites, with local on-device inference and no network calls.

Developer Tool / Browser Extension 89 → 0 44 days ago Details
#99 ↓ -3
clawk

Disposable, network-restricted Linux VMs for AI coding agents. The project is built for letting coding agents install packages, run tests, use system tools, and work inside an isolated machine instead of the host laptop.

Developer Tools / AI Coding 88 ↓ -3 4 days ago Details
#105 ↓ -3
reins

Local browser-control tool that lets coding agents drive a signed-in Chromium browser through a CLI, daemon, and extension.

Developer Tools / Code Assistant 88 ↓ -3 9 days ago Details
#167 ↓ -3
Recursant

Open-source platform for governing AI agents across clouds and stacks, with a control plane, sidecar-based data plane, policy enforcement, observability, and audit trails.

Developer Tools / AI Infrastructure 88 ↓ -3 71 days ago Details
#206 ↓ -4
Cloak

Cloak is a local secrets vault for AI agents that lets them use API keys without exposing the raw key to the model. The repo shows a CLI, local daemon, MCP server, policy controls, and quickstart commands for connecting with AI clients.

Developer Tools / Security / Secrets Management 87 ↓ -4 26 days ago Details
#242 ↓ -3
Recursant

Open-source agentic mesh for governing AI agents across enterprise systems, with identity, policy enforcement, audit trails, observability, and Kubernetes-native deployment.

Developer Tools / Code Assistant 87 ↓ -3 72 days ago Details
#256 ↑ +2
Confessor

A local CLI for replaying what AI coding agents accessed on your machine, including file reads, secrets that entered context, and possible read-then-network-call exposure paths. It also scans exported ChatGPT, Claude, and Gemini histories for sensitive data.

Developer Tools / Security 86 ↑ +2 5 days ago Details
#280 ↑ +2
Bulwark

Kernel-level read gate for AI coding agents that blocks protected file reads before bytes reach the agent, with Linux fanotify and macOS Endpoint Security support.

Security / Developer Security Tool 86 ↑ +2 17 days ago Details
#302 ↑ +2
Nenya

An AI API gateway/proxy in Go that sits between coding clients and upstream LLM providers, with request routing, secret redaction, context handling, MCP tool integration, and transparent SSE streaming.

Developer Tools / AI API Gateway / Proxy 86 ↑ +2 34 days ago Details
#319 ↑ +2
diplomat-agent-ts

A TypeScript static scanner that finds AI agent tool calls with no checks before they can trigger real-world side effects. It supports CLI scanning, JSON output, a generated tool-call registry, and CI/pre-commit enforcement.

Developer Tools / AI Code Analysis 86 ↑ +2 50 days ago Details
#324 ↑ +2
Aperion Shield v0.7

Local guardrails for AI coding agents that intercept destructive actions before they execute, now extended to Git hooks for commit and push enforcement.

Developer Tools / AI Coding Guardrails 86 ↑ +2 52 days ago Details
#336 ↑ +2
badvibes

A zero-config CLI that scans repositories for AI-slop patterns like missing .env.example files, committed secrets, large files, duplicated code, TODO drift, and missing tests, then returns a Vibe Score from 0 to 100.

Developer Tools / Code Quality 86 ↑ +2 59 days ago Details
#337 ↑ +2
Beacon

Beacon is an open-source endpoint telemetry layer for local AI agents. It captures supported activity from tools like Claude Code, Codex CLI, Gemini CLI, OpenCode, Factory Droid, Claude Cowork, and Cursor, then normalizes events for local inspection or forwarding to SIEM pipelines.

Developer Tools / Observability 86 ↑ +2 59 days ago Details
#368 ↓ -3
Toolport

Local-first MCP gateway that lets multiple AI clients share one server setup, with lazy tool discovery to reduce token usage and built-in tool integrity and quarantine controls.

Developer Tools / MCP / AI Infrastructure 85 ↓ -3 44 hours ago Details
#385 ↓ -3
Exfault

Exfault is an autonomous Android security testing tool that uses AI agents, static analysis, dynamic analysis, authenticated workflows, and cloud emulators to produce reproducible findings and reports.

Security / Mobile Security 85 ↓ -3 18 days ago Details
#415 ↓ -3
HoneyLabs

A honeypot telemetry and threat intelligence service with searchable IP lookups, recent scanner data, and an MCP/JSON-RPC API for agents and developers.

Security / Threat Intelligence 85 ↓ -3 60 days ago Details
#435 ↓ -6
B.I.O.M.A. Framework

A local Rust-plus-Python middleware layer for LLM apps that claims to reduce token usage and add in-process security checks before prompts are sent to a provider.

Developer Tool / LLM middleware 84 ↓ -6 20 hours ago Details
#512 ↓ -6
agent-vault-proxy

A loopback HTTPS proxy that swaps placeholders for real API keys at request time, keeping secrets out of the agent process. It uses Bitwarden Secrets Manager and supports scoped bindings for hosts, methods, and paths.

Developer Tool / Security 84 ↓ -6 35 days ago Details
#520 ↓ -6
AgentTrust ID

Runtime authorization platform for AI agents with open-source SDKs in Python, TypeScript, Go, Java, and Rust. The page says the hosted service is in production, supports per-action checks, scoped delegation, revocable tokens, and a shared authorization model across MCP tools, agent-to-agent calls, and direct API integr

AI Developer Tool / Agent Security / Authorization 84 ↓ -6 39 days ago Details
#522 ↓ -6
Sandfence

A minimal native macOS sandbox for running Claude Code or Codex with OS-enforced limits on what the agent can touch.

Developer Tools / Security 84 ↓ -6 41 days ago Details

An open-source reference implementation for autonomous vulnerability discovery and remediation with Claude. It includes Claude Code skills for threat modeling, scanning, triage, patching, plus a harness for running a recon → find → verify → report → patch pipeline.

Security / AI Security 84 ↓ -6 42 days ago Details