AI agents ship fast. Vulnerabilities ship faster.
The complete AI agent security platform — scan before you ship, guard at runtime, and watch your entire fleet from one dashboard.
140+ detection rules · 11 runtime detection layers · Guard SDK free on every plan
44 finding categories
11 detection layers
9 agent frameworks
HOW IT WORKS
Offline scan. AI behavioral analysis. Nothing gets through.
01
Offline Pattern Scan
140+ detection rules run offline — catching prompt injection, hardcoded secrets, dangerous commands, and obfuscated payloads in milliseconds. No network, no API key required.
02
AI Behavioral Analysis
Claude analyzes the file's intent, comparing what it claims to do against what it actually does. Catches what patterns miss: social engineering, subtle exfiltration, deceptive tool descriptions.
03
Trust Score
A single 0–100 score with every finding explained: severity, category, matched content, and what to do. Safe (90+), Caution (70–89), Risky (40–69), Dangerous (0–39). Gate your CI/CD pipeline on it.
RUNTIME PROTECTION · SCANDAR-GUARD
Inspect every tool call. Block threats in real time.
scandar-scan finds threats before deployment. scandar-guard blocks them at runtime — inspecting every message, tool call, and agent response in-process. One line of code. Zero data leaves your environment.
In-process
no proxy, no sidecar
Python · TypeScript · Go
pip / npm / go get
Free on all plans
no limits
from anthropic import Anthropic
from scandar_guard import guard
client = guard(Anthropic())
# Every message, tool call, and response — inspected.
THE FULL STACK
Three layers. Every phase of the AI agent lifecycle.
44
Threat categories
across all scanners
140+
Detection rules
deterministic Layer 1 rules
9
Agent frameworks
CrewAI, LangChain, AutoGen, and more
3
SDK Languages
TypeScript · Python · Go
$ npm install -g scandar-scan
added 1 package in 2.1s
$ scandar scan mcp-server.ts
Trust Score: 62/100 | Classification: suspicious
2 critical · 1 high · 1 medium
$ scandar scan . --format sarif > results.sarif
✓ 12 files scanned, SARIF written
WORKS IN YOUR TERMINAL
Scan locally. Gate your pipeline. Ship clean.
Offline scan runs instantly — no API key, no data sent anywhere. Output SARIF for GitHub Code Scanning. Gate your CI/CD pipeline on trust scores.
Auto-detect
file type detection
SARIF output
CI/CD integration
Watch mode
scan on file change
Offline
zero network calls
PLATFORM
Everything you need to secure AI integrations.
Scan, fix, and verify — from a single platform. Every tool works together.
Skill Scanner
Pattern-based and LLM-powered analysis for AI skill files. Detect prompt injection, credential theft, and data exfiltration.
FREE Offline + AI · 10/mo
PRO Offline + AI · Unlimited
MCP Server Scanner
Deep analysis of MCP server source code across TS, Python, Go, Rust, and Java. Catch tool poisoning, hardcoded secrets, and unsafe exec.
FREE Offline + AI · 10/mo
PRO Offline + AI · Unlimited
Config Scanner
Audit MCP config files for dangerous commands, insecure transports, hardcoded secrets, and risky server combinations.
FREE Offline + AI · 10/mo
PRO Offline + AI · Unlimited
System Prompt Scanner
41 rules detect missing defenses, secret leakage, injection susceptibility, encoding bypasses, and excessive agency grants.
FREE 10 scans/mo
PRO Unlimited scans
Agent Config Scanner
81 rules across 9 frameworks — CrewAI, LangChain, AutoGen, Claude SDK, and more. Detect tool injection, delegation risks, and unsafe defaults.
FREE 10 scans/mo
PRO Unlimited scans
Agent Security Reports PRO
Scan an entire agent bundle — prompt, config, and tools — with 18 cross-cutting rules that find risks only visible when components interact.
PRO Bundle analysis · Unlimited
AI Fix PRO
Select threats and let Claude automatically rewrite your code with threats removed. Review the diff, then download.
PRO Auto-remediation · Unlimited
CLI
Run scans from your terminal or CI/CD pipeline. Auto-detection, threshold gates, SARIF and JSON output.
FREE Offline scan
PRO Offline + AI · API access
Marketplace
Browse verified skills and MCP servers. Every listing has passed 3-layer security review. Free to install.
FREE Browse & install
PRO Scan history & reports
VERIFIED MARKETPLACE
Verified skills. Always free.
Every skill has passed Layer 1, Layer 2, and manual review before listing. Free to install, free to use. Always.
PRICING
Guard is free. Scans start at $0.
Both analysis layers on every plan. Guard always included. No per-inspection charges.
Free
Layer 1 + Layer 2 analysis
Agent Security Reports (18 rules)
scandar-guard SDK (unlimited)
Recent scan history (last 25)
1 free scan, no account needed
MOST POPULAR
Pro
Unlimited scans, up to 5 seats
AI Fix — auto-remediate threats
Full scan history & dashboard
API access & key management
CLI with Layer 2 analysis
Overwatch
5 policies + Slack/email alerts
30-day retention, 15 seats
Enterprise
100+ agents ($5/agent above)
5-framework compliance + SIEM
SSO, quarantine, 5 alert channels
Audit log, API key scoping
Most teams are live in 25 minutes without a demo.
Ship AI agents with confidence. Scan it first. Free. Results in seconds.