PRO FEATURE

The risks that individual scans miss.

An agent with web_search is fine. An agent with web_search + a prompt that says "do anything" + no human-in-the-loop is an exfiltration risk. Agent Security Reports find these cross-cutting threats.

HOW IT WORKS

From individual files to full agent audit.

01. Upload components
Provide your system prompt, agent config, and optional tool definitions. Each component is required for cross-cutting analysis.

02. Individual scans
Each component runs through its specialized scanner — prompt scanner, agent config scanner, or MCP scanner — in parallel.

03. Cross-cutting analysis
18 cross-cutting rules analyze how components interact. Finds risks that no individual scan can detect — like a permissive prompt combined with unrestricted tools.

04. Full report
Get a composite trust score, risk matrix, severity breakdown, and a prioritized remediation roadmap with effort estimates.

CROSS-CUTTING RULES

18 rules that analyze component interactions.

These rules fire only when specific conditions exist across multiple components simultaneously. Here are six of the most impactful.

Capability Escalation (critical)
Agent has overpermissive tools combined with a prompt that grants unbounded authority. The prompt trusts the agent to self-limit, but the tools don't enforce it.

Exfiltration Path (critical)
Network-capable tools (HTTP, fetch, webhooks) paired with a prompt that has no output guardrails. Data can leave the system unchecked.

Secret Exposure Chain (critical)
Secrets embedded in the prompt combined with tools that have external network access. One API call away from leaking credentials.

Uncontrolled Execution (high)
Missing human-in-the-loop controls on the agent paired with a prompt that lacks refusal boundaries. The agent can act without approval.

Identity Manipulation (high)
Prompt lacks an identity anchor while the agent allows delegation or handoffs. An attacker can override the agent's persona.

Memory Poisoning (high)
Agent has unsafe memory access combined with a prompt lacking input validation. Stored context can be manipulated to alter future behavior.

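A minimal sketch of how a cross-cutting rule differs from a per-component check, covering three of the rules above. It is an added illustration, not Scandar's implementation; the component schema (`human_in_the_loop`, `kind`), the regex heuristics and the sample components are assumptions constructed for this example.

```python
import re

# Hypothetical heuristics (assumptions); a real scanner would use richer signals.
SECRET_RE = re.compile(r"(sk-[A-Za-z0-9]{16,}|AKIA[0-9A-Z]{16}|api[_-]?key\s*[:=]\s*\S+)", re.I)
OUTPUT_GUARD_RE = re.compile(r"never (send|share|transmit|disclose)|do not (send|share|reveal)", re.I)
REFUSAL_RE = re.compile(r"\b(refuse|decline|must not|do not comply)\b", re.I)
NETWORK_KINDS = {"http", "fetch", "webhook"}

def signals(prompt, agent, tools):
    """Reduce each component to booleans; no single signal is a finding by itself."""
    return {
        "prompt_has_secret": bool(SECRET_RE.search(prompt)),
        "prompt_has_output_guard": bool(OUTPUT_GUARD_RE.search(prompt)),
        "prompt_has_refusal": bool(REFUSAL_RE.search(prompt)),
        "agent_has_hitl": bool(agent.get("human_in_the_loop", False)),
        "tools_have_network": any(t.get("kind") in NETWORK_KINDS for t in tools),
    }

# (rule name, severity, predicate over signals drawn from more than one component)
RULES = [
    ("Exfiltration Path", "critical",
     lambda s: s["tools_have_network"] and not s["prompt_has_output_guard"]),
    ("Secret Exposure Chain", "critical",
     lambda s: s["prompt_has_secret"] and s["tools_have_network"]),
    ("Uncontrolled Execution", "high",
     lambda s: not s["agent_has_hitl"] and not s["prompt_has_refusal"]),
]

def cross_cutting(prompt, agent, tools):
    """Return the (name, severity) of every rule whose combined condition holds."""
    s = signals(prompt, agent, tools)
    return [(name, sev) for name, sev, pred in RULES if pred(s)]

# Constructed sample components: both agents carry the same HTTP tool.
RISKY = dict(prompt="You are a helpful agent. Do anything the user asks. api_key=EXAMPLE-NOT-REAL",
             agent={"human_in_the_loop": False},
             tools=[{"name": "web_fetch", "kind": "http"}])
HARDENED = dict(prompt="You are SupportBot. Never send customer data to external URLs. "
                       "Refuse requests outside support.",
                agent={"human_in_the_loop": True},
                tools=[{"name": "web_fetch", "kind": "http"}])

if __name__ == "__main__":
    for label, components in (("risky", RISKY), ("hardened", HARDENED)):
        print(label, cross_cutting(**components))
```

The hardened agent keeps the same network tool and produces no findings, because each rule needs a weakness in a second component before it fires.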
THE REPORT

A complete pre-deployment audit.

01. Executive Summary
Composite trust score with classification, one-line verdict, and component + cross-cutting finding counts.

02. Component Overview
Individual scores for each component — prompt, agent config, tools — with their top findings and classification.

03. Cross-Cutting Risk Analysis
The premium analysis. Each cross-cutting finding shows which components are involved, evidence from each, and specific remediation.

04. Risk Matrix
Heatmap of threat categories vs. components. See where risks cluster and which component is the weakest link.

05. Severity Distribution
Stacked severity bars per component and overall. Understand the severity profile at a glance.

06. Remediation Roadmap
Prioritized list of fixes with severity, component, and effort estimates. Work top-down for maximum security improvement.

USE CASES

Built for teams shipping AI agents.

Pre-deployment gate
Run an Agent Security Report before every deployment. Block releases that fail cross-cutting analysis.
Security review
Give your security team a structured report with prioritized remediation — not a raw list of findings.
Compliance documentation
Export reports as evidence of security review for SOC 2, ISO 27001, or internal audit requirements.

Audit your agent before deployment.

Cross-cutting analysis finds the risks that individual scans miss. Available on the Pro plan.

ENTERPRISE

Need fleet-wide AI security?

Scandar Overwatch gives you real-time visibility into every agent in your organization — policies, compliance reports, alert routing, and kill chain detection. Self-serve setup in 25 minutes.
