agent-security-scanlisted

# agent-security-scan agent-security-scan performs report-only static review of agent execution surfaces. It scans settings, hooks, skills, Model Context Protocol configuration, and skill text for credential, remote fetch, shell side-effect, package-manager, protocol exposure, and broad execution risks. The default implementation reads local files only. External security runtimes such as AgentShield are optional dependencies, not required behavior. ## Contents - [Scan Targets](#scan-targets) - [When To Use](#when-to-use) - [Procedure](#procedure) - [Severity Values](#severity-values) - [Output Format](#output-format) - [Warnings](#warnings) ## Scan Targets - Claude Code: `~/.claude/settings.json`, `~/.claude/skills/*/SKILL.md` - Codex: `~/.codex/hooks.json`, `~/.codex/config.toml`, `~/.agents/skills/*/SKILL.md` - Repo: `<root>/*/SKILL.md`, `<root>/.mcp.json`, `<root>/.env` - HOME: `~/.mcp.json`, `~/.env` ## When To Use - After adding hooks, skills, Model Context Protocol servers, or credential surfaces. - After absorbing external agent governance logic. - When `settings.json`, `hooks.json`, `.mcp.json`, or `SKILL.md` may contain suspicious execution commands, remote fetches, or credential access. ## Procedure 1. Choose the repository root and HOME candidates. 2. Run `scripts/scan_agent_security_surface.py --root <repo> --home <home> --json`. 3. Inspect each finding's `severity`, `rule`, and `mitigation`. 4. Treat `mitigation=reject`, `critical - ...`, and `high -