Free · 100% private · runs in browser

AI Agent Security Scanner

Orchesis AI Agent Security Scanner checks your AI agent configuration for security vulnerabilities. 80+ checks across 9 categories including CVE database matching, OWASP MCP Top 10 compliance, and IDE-specific config validation for Cursor, Claude Code, and OpenClaw. 100+ checks available via CLI. No signup required. All processing runs client-side — your config data never leaves your browser. Free, open source, MIT license.

✓ 80+ checks✓ 9 categories✓ Browser-only✓ No data sent✓ Open source✓ OWASP MCP Top 10✓ Claude Code · Cursor · OpenClaw

🔒 Privacy first: your config never leaves your browser. Zero data collection.

Don't have a config file? Run: orchesis verify — it finds and checks your config automatically.

Paste config JSONCtrl+Enter to scan

What we check — 80+ checks across 9 categories

Supply Chain

CVE database, malicious packages, typosquatting, version pinning

Credentials

12 secret patterns, entropy detection, admin tokens, shared credentials

Permissions

autoApprove, broad paths, sensitive file access, tool restrictions

Docker Security

Privileged mode, socket mounts, host network, sensitive paths

Network

Unencrypted transport, TLS verification, remote endpoints, ports

Cross-Server

Exfiltration paths, tool collisions, server count, shared credentials

IDE & Agent ConfigNEW

Claude Code, Cursor, OpenClaw: sandbox, permissions, hooks, deny rules

OWASP ComplianceNEW

Logging, context oversharing, prompt injection indicators

Protocol SecurityNEW

A2A authentication, shell interpreters, elevated execution

More tools

Want a full security assessment? Try the Security Scorecard →

Need runtime protection? Install Orchesis proxy →

Read our research: 75% of MCP configs have security problems →