OPEN SOURCE · RUST · MIT LICENSE

Know what your AI agents can do before they do it.

Agent Shield discovers every AI agent in your codebase, maps their permissions, scores their risk, and generates compliance-ready audit reports. Like npm audit, but for autonomous AI.

agent-shield scan ./my-project
$ agent-shield scan ./acme-ai-platform

======================================================
AGENT SHIELD — Risk Assessment
======================================================

Scan date: 2026-04-07 18:42 UTC
Framework: NIST AI RMF
Agents: 7 discovered
Overall: 72/100 HIGH

--- Agent Inventory ---

Agent               Framework        Risk      Tools  Permissions
-----               ---------        ----      -----  -----------
CustomerSupportBot  LangChain        72 HIGH   8      EXEC
DataAnalysisAgent   CrewAI           58 MED    5      READ/WRITE
CodeReviewAgent     Anthropic MCP    45 MED    4      READ
EmailDraftAgent     OpenAI Assist.   52 MED    3      READ/WRITE
SchedulingAgent     Custom Agent     28 LOW    2      READ
ReportGenerator     Vercel AI        22 LOW    1      READ
OnboardingAgent     LangGraph        48 MED    6      READ/WRITE

--- Critical Findings ---

CRITICAL CustomerSupportBot can execute system commands
Fix: Remove subprocess access. Implement tool allowlisting.
Ref: NIST AI RMF: GOVERN 1.7, MAP 3.4

HIGH 4 of 7 agents lack input validation
Fix: Add input sanitization to prevent prompt injection.

MEDIUM No audit trail on DataAnalysisAgent
Fix: Implement logging for all agent decisions and tool calls.

CRITICAL: 1 HIGH: 4 MEDIUM: 8 LOW: 2
Full report: agent-shield scan --format json -o report.json
cargo install agent-shield

10 Agent Frameworks
4 Compliance Standards
<30s Full Codebase Scan
MIT Open Source License

Capabilities

Every agent. Every risk. Every framework.

Agent Shield scans your codebase, discovers AI agents across 10 frameworks, and generates actionable risk reports mapped to compliance standards.

Agent Discovery

Automatically detects AI agents across LangChain, CrewAI, AutoGen, OpenAI Assistants, Anthropic MCP, and 5 more frameworks. Finds agents you didn't know existed.

Risk Scoring

Each agent gets a 0-100 risk score based on autonomy level, tool access, data permissions, guardrail coverage, and blast radius. NIST 4-tier autonomy classification.

Guardrail Detection

Identifies input validation, output filtering, rate limits, human-in-the-loop gates, scope restrictions, and content filters. Finds what's missing.

Compliance Mapping

Every finding maps to NIST AI RMF, ISO 42001, EU AI Act, or OWASP Agentic Top 10. Auditor-ready references, not vague recommendations.

Board-Ready Reports

Generate PDF risk scorecards that CISOs can present to their board. Not developer logs — executive summaries with clear remediation paths.

CI/CD Integration

Run in your pipeline. Fail builds that exceed risk thresholds. Block deployments of agents without required guardrails. Shift left on AI governance.

Detection

10 agent frameworks. Zero configuration.

Point agent-shield at a directory. It handles detection, parsing, and analysis automatically.

LangChain 40
LangGraph 40
CrewAI 50
AutoGen 50
OpenAI Assistants 35
Anthropic MCP 30
Anthropic Agent SDK 45
AWS Bedrock Agents 35
Vercel AI SDK 25
Custom Agents 55

Standards

Mapped to the frameworks that matter.

Every finding references a specific compliance control. Your auditors will thank you.

DEFAULT

NIST AI RMF

Govern, Map, Measure, Manage — full coverage across all four functions.

CERTIFIABLE

ISO/IEC 42001

The certifiable AI management standard. Map findings to audit controls.

AUG 2026

EU AI Act

High-risk AI obligations take effect August 2026. Start preparing now.

2026 v1

OWASP Agentic

The first security taxonomy built specifically for autonomous AI agents.

Your AI agents are already deployed.
Do you know what they can do?

Install Agent Shield in 30 seconds. Get your first risk report in under a minute.