AI Agent Security Posture Scanner — enumerate all AI coding agents on a machine, map aggregate permissions, MCP servers, credential exposure. Scans Claude, Cursor, VS Code, Windsurf, Zed, Codex, aider, Moltbot.
# agentscan

**AI Agent Security Posture Scanner** — enumerate all AI coding agents on a machine and map their aggregate permission surface.

Developers run 3-5 AI agents simultaneously. Nobody audits the aggregate. Each agent has different config files, MCP servers, shell access, filesystem scope, and credential exposure. `agentscan` maps them all in one command.

## What It Scans

| Agent | Config Locations | What It Checks |
|-------|-----------------|----------------|
| **Claude Desktop** | `~/Library/Application Support/Cursor/` | MCP servers, secrets in config |
| **Claude Code** | `~/.cursor/`, `~/.cursor.json`, project `.cursor/` | Permissions, allowed tools, dangerous flags, MCP |
| **Cursor** | `~/.cursor/`, `~/Library/.../Cursor/` | MCP servers, `.cursorrules` secrets |
| **VS Code** | `~/Library/.../Code/User/` | Cursor, Cline, Continue, Roo Code, MCP |
| **Windsurf** | `~/Library/.../Windsurf/`, `~/.codeium/` | MCP servers, settings |
| **Zed** | `~/.config/zed/` | API keys in config, assistant settings |
| **Codex CLI** | `~/.codex/` | Approval mode, instruction secrets |
| **aider** | `~/.aider.*` | Config secrets, .env files |
| **Moltbot/OpenClaw** | `~/clawd/`, `~/.config/moltbot/` | AGENTS.md, sudo usage, running processes |

## What It Finds

### Per-Agent

- 🔑 **Hardcoded secrets** (API keys, tokens, passwords in config files)
- 🛡️ **MCP server risks** (shell execution, dangerous commands, unvetted packages, filesystem scope)
- ⚡ **Dangerous permissions** (permanently allowed tools, `--dangerously-skip-permissions`, full-auto mode)
- 📂 **Filesystem exposure** (system directory access, sensitive path mounts)
- 🔓 **Credential exposure** (sensitive environment variables passed to MCP servers)

### Cross-Agent

- 📊 **Agent dens
Agent that generates comprehensive documentation, API references, architecture diagrams, and developer onboarding guides from existing code.
Agent configuration for systematic bug investigation that traces issues from error logs through the codebase to root cause with suggested fixes.
Agent for integrating third-party APIs including SDK setup, type generation, error handling, retry logic, and rate limit management.
Cursor's built-in autonomous coding agent that can make multi-file edits, run terminal commands, search the codebase, and iteratively build features with minimal human intervention.
Cloud-based autonomous coding agent that runs in the background on remote sandboxed environments, handling complex multi-step tasks while you continue working.
Cursor's multi-file editing agent within Composer mode that can create, edit, and delete files across your entire project in a single conversation.