Aguara is a static security scanner built specifically for AI agent skills and MCP server configs. 173 rules across 13 categories: prompt injection, credential leaks, data exfiltration, supply chain, SSRF, and more.
No LLM, no cloud, no API keys. One Go binary, scans in milliseconds.
No LLM, no cloud, no API keys. One Go binary, scans in milliseconds.
Four analysis layers: 1. Pattern matching (regex + base64/hex decoding) 2. NLP markdown analysis (AST walker, keyword classification) 3. Taint tracking (source-to-sink flow analysis) 4. Rug-pull detection (hash tracking across scans)
Every rule includes remediation guidance - when it finds a problem, it tells you how to fix it.
We also run Aguara Watch (watch.aguarascan.com), scanning 45,000+ skills across 7 public registries daily. The data shapes the rules.
Install: brew install garagon/tap/aguara Docker: docker run ghcr.io/garagon/aguara scan /scan GitHub Action: uses: garagon/aguara@v1
https://github.com/garagon/aguara