Scan your Claude Code configuration for hardcoded secrets, risky permissions, and dangerous shell hooks.
Get a letter grade and numeric score for your AI agent setup along with suggested fixes.
Run AgentShield as a GitHub Action to automatically check every pull request for agent config risks.
| affaan-m/agentshield | indalok/rzweb | tickernelz/opencode-mem | |
|---|---|---|---|
| Stars | 719 | 723 | 711 |
| Language | TypeScript | TypeScript | TypeScript |
| Setup difficulty | easy | easy | easy |
| Complexity | 3/5 | 3/5 | 2/5 |
| Audience | developer | developer | vibe coder |
Figures from each repo's GitHub metadata at analysis time.
Basic scan runs with a single command and no setup, the optional three-agent deep analysis mode requires a paid Anthropic API key.
AgentShield is a security scanner for AI agent configurations. It looks at the setup files that tools like Claude Code use, specifically the configuration folder that controls what the AI is allowed to do, and checks for problems that could expose your machine or credentials to attackers. The tool checks five categories of risk: hardcoded secrets like API keys and passwords buried in config files, overly permissive settings that let the AI run any command without restriction, shell hooks that could allow an attacker to inject and execute malicious code, external AI tool servers (called MCP servers) that carry supply-chain or remote-access risks, and AI agent configurations that give the agent too much access or contain hidden instructions. Across these five categories it applies 102 rules and gives your setup a letter grade from A to F along with a numeric score from 0 to 100. You run it with a single command. It finds your configuration directory automatically, scans it, and prints a report that lists each problem with its severity, the file where it was found, and a suggested fix. Many simple fixes, like replacing a hardcoded API key with an environment variable reference, can be applied automatically using the --fix flag. You can also generate output as JSON for use in automated pipelines, as HTML for sharing with a team, or in SARIF format for integration with GitHub code scanning. For deeper analysis there is an optional three-agent mode that uses Claude Opus. One agent plays the role of an attacker looking for exploitable chains, a second plays a defender evaluating existing protections, and a third synthesizes both views into a prioritized action list. This mode requires an Anthropic API key. The project also includes a GitHub Action for running the scanner automatically on pull requests, a minimal sandboxed AI agent runtime called MiniClaw for teams that want a safe way to expose an AI endpoint over HTTP, and a GitHub App integration for organization-wide scanning. It was built at a Claude Code hackathon in early 2026 and is released under the MIT license. The full README is longer than what was shown.
AgentShield scans AI agent configuration folders like Claude Code's for security risks such as hardcoded secrets and overly permissive settings, then grades your setup.
Mainly TypeScript. The stack also includes TypeScript, Claude Opus, GitHub Actions.
MIT license, free to use, modify, and integrate into your own projects, including commercially.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.