Agentic Workflow Security Scanner
security · imported
Installation
$ npx agenticloops install agentic-security-scanner

Summary
Weekly scan of all AI agent configs for OWASP LLM Top 10 vulnerabilities, prompt injection surfaces, and PII leakage.
- Runs Weekly (Monday), on any harness.
- Uses skills: security, code-review, static-analysis.
- Needs CLI: python (checked at install); secrets are prompted, never stored in the file.
- Runs at the standard capability tier (balanced model); the harness picks the model.
What it does
Scan all agentic workflow configurations, LLM system prompts, and MCP server definitions in this repository. Map the agent architecture and tool-call graph, detect prompt injection attack surfaces, identify PII leakage risks in data flows, and score every finding against the OWASP LLM Top 10 and Agentic AI threat matrix. Output a structured report with severity, location, and remediation guidance.
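A minimal scanner in the spirit of the description above, added here as an illustration (it is not this loop's own code): it walks a constructed agent/MCP definition, flags PII literals embedded in system prompts, and flags agents whose tool set lets untrusted content (mail, fetched pages, files) reach side-effecting tools, then emits findings with severity, location and remediation. The JSON shape, the tool names, the regexes and the two tool classes are all assumptions made for the example; the category names are OWASP LLM Top 10 entries, quoted without version-specific numbers.

```python
"""Toy agent-config scanner: PII in prompts and risky tool-call graphs."""
import json
import re

# Constructed sample config in a hypothetical JSON shape (not a real MCP schema):
# each agent has a system prompt and the tools it is allowed to call.
SAMPLE_CONFIG = json.dumps({
    "agents": [
        {
            "name": "inbox-triage",
            "system_prompt": "You triage mail for ops@example.com. "
                             "Escalate to jane.doe@example.com. "
                             "Customer SSN on file: 123-45-6789.",
            "tools": ["read_email", "send_email", "shell_exec"],
        },
        {
            "name": "doc-summariser",
            "system_prompt": "Summarise the given document in three bullets.",
            "tools": ["read_file"],
        },
    ]
})

# Minimal constructed patterns for PII literals a prompt should never carry.
PII_PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

# Assumed tool names. Output of these tools comes from outside the trust
# boundary, so whatever text they return is a prompt-injection surface.
UNTRUSTED_INPUT_TOOLS = {"read_email", "fetch_url", "search_web", "read_file"}
# Assumed tool names with side effects an injected instruction could trigger.
HIGH_IMPACT_TOOLS = {"shell_exec", "send_email", "write_file", "delete_file"}


def scan_prompt(agent, prompt):
    """Flag PII literals in a system prompt (Sensitive Information Disclosure)."""
    findings = []
    for label, rx in PII_PATTERNS.items():
        for m in rx.finditer(prompt):
            findings.append({
                "agent": agent,
                "severity": "high",
                "category": "Sensitive Information Disclosure",
                "location": f"system_prompt[{m.start()}:{m.end()}]",
                "detail": f"{label} literal hard-coded in system prompt",
                "remediation": "Supply the value per request from a secret or "
                               "data store; never hard-code PII in prompts.",
            })
    return findings


def scan_tool_graph(agent, tools):
    """Flag the edge 'untrusted input tool -> high-impact tool' inside one agent."""
    tools = set(tools)
    untrusted = tools & UNTRUSTED_INPUT_TOOLS
    impactful = tools & HIGH_IMPACT_TOOLS
    if untrusted and impactful:
        return [{
            "agent": agent,
            "severity": "critical",
            "category": "Prompt Injection",
            "location": "tools",
            "detail": f"untrusted content via {sorted(untrusted)} "
                      f"can drive {sorted(impactful)}",
            "remediation": "Split ingestion and action into separate agents, or "
                           "require human approval before high-impact calls.",
        }]
    if impactful:
        return [{
            "agent": agent,
            "severity": "medium",
            "category": "Excessive Agency",
            "location": "tools",
            "detail": f"high-impact tools granted: {sorted(impactful)}",
            "remediation": "Confirm each high-impact tool is required; scope it "
                           "to the narrowest action and target possible.",
        }]
    return []


def scan_config(config_json):
    """Run both checks over every agent; findings sorted by severity."""
    order = {"critical": 0, "high": 1, "medium": 2, "low": 3}
    findings = []
    for agent in json.loads(config_json)["agents"]:
        findings += scan_prompt(agent["name"], agent["system_prompt"])
        findings += scan_tool_graph(agent["name"], agent["tools"])
    return sorted(findings, key=lambda f: order[f["severity"]])


if __name__ == "__main__":
    for f in scan_config(SAMPLE_CONFIG):
        print(f"[{f['severity']}] {f['agent']} / {f['category']} "
              f"@ {f['location']}: {f['detail']}")
```

On the sample, the inbox-triage agent yields one critical finding (mail content can reach shell_exec and send_email) and three high findings (two e-mail addresses and an SSN in the prompt); the summariser, which only reads and has no side-effecting tool, yields nothing. A real scan would add the remaining OWASP categories and read the repository's actual config formats, but the two-class tool graph and the prompt regexes are the core of the "attack surface" and "PII leakage" checks the loop describes.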
LOOP.md
---
name: agentic-security-scanner
description: Agentic Workflow Security Scanner · Weekly scan of all AI agent configs for OWASP LLM Top 10 vulnerabilities, prompt injection surfaces, and PII leakage.
schedule: Weekly (Monday)
skills: [security, code-review, static-analysis]
requires:
  cli: [python]
tier: standard # frontier | standard | fast
effort: medium
concurrency: skip
tags: [security, llm-safety, scanning, ai-ops]
license: MIT
---

Scan all agentic workflow configurations, LLM system prompts, and MCP server definitions in this repository. Map the agent architecture and tool-call graph, detect prompt injection attack surfaces, identify PII leakage risks in data flows, and score every finding against the OWASP LLM Top 10 and Agentic AI threat matrix. Output a structured report with severity, location, and remediation guidance.