{"id":"affaan-m-agentshield","name":"agentshield","homepage":"https://cerebralvalley.ai/e/claude-code-hackathon","repo_url":"https://github.com/affaan-m/agentshield","category":"security","subcategories":[],"tags":["ai-agent","security","claude-code","mcp","cli","github-action","configuration-scanning"],"what_it_does":"AgentShield is a security auditor/scanner for Claude Code agent setups. It scans local Claude configuration directories (e.g., ~/.claude/ and .claude/), detects hardcoded secrets, permission misconfigurations, unsafe hook behaviors, MCP server risks, and prompt/prompt-injection style vulnerabilities, and can output graded reports plus optional auto-fixes for certain issues.","use_cases":["Pre-flight auditing of local Claude Code agent configurations before deploying them","CI checks for agent configuration security using JSON/HTML report outputs","Auditing repositories that include .claude/ or MCP configuration templates for risky patterns","Generating a baseline/safe configuration with an init command","Hardening agent tool permissions and hook pipelines to reduce injection and exfiltration risk"],"not_for":["Runtime verification that a particular agent is actually vulnerable while running in production","A full replacement for pen testing, cloud IAM reviews, or application-level threat modeling","Scanning arbitrary non-Claude agent frameworks (its scope is Claude Code configuration patterns)"],"best_when":"You are managing Claude Code configurations (local or repo-based) and want automated static auditing for common secret leakage, tool-permission overreach, unsafe hooks, and risky MCP server setups.","avoid_when":"You need authoritative guarantees about runtime behavior, or you want a service/API to integrate into an environment with network-hosted endpoints and managed auth.","alternatives":["General secret scanners (e.g., Gitleaks, TruffleHog)","SAST tools for code and config repositories","Custom policy/lint rules tailored to Claude Code configuration formats","Manual security review of agent tool permissions and hook definitions"],"af_score":54.0,"security_score":29.0,"reliability_score":37.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:35:51.805719+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"README indicates the CLI can run locally (auto-discovery and scanning). The optional '--opus' analysis requires ANTHROPIC_API_KEY, implying an external API key for the analysis mode rather than authentication to AgentShield itself."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing details are provided in the supplied README/manifest content."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":54.0,"security_score":29.0,"reliability_score":37.5,"mcp_server_quality":0.0,"documentation_accuracy":80.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":85.0,"rate_limit_clarity":20.0,"tls_enforcement":0.0,"auth_strength":35.0,"scope_granularity":10.0,"dependency_hygiene":55.0,"secret_handling":50.0,"security_notes":"Security scanning tool focused on detecting secrets and risky configurations in local Claude Code setups. TLS/auth scope for any network services is not applicable because the interface is primarily local CLI. The '--opus' mode implies use of an external Anthropic API key, but provided content does not describe how keys are stored/handled, how network calls are authenticated, or how to prevent leaking secrets during scans/outputs.","uptime_documented":0.0,"version_stability":60.0,"breaking_changes_history":50.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":"No explicit idempotency guarantees are stated; the --fix mode implies local file modifications for certain findings.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Auto-discovery and template scoring may produce findings that are not active runtime exposure; interpret runtimeConfidence fields accordingly.","Auto-fix changes may require review; while described as 'safe issues', behavior is only partially constrained by the tool's rule set.","Opus/LLM-based modes depend on external API keys and may introduce non-determinism versus purely static scanning."]}}