macOS
brew install snyk-agent-scanlocal Homebrew formula metadata
brew
Constrain, log and scan your MCP connections for security vulnerabilities. Version 0.5.12 via Homebrew; verified 2026-06-24.
install
brew install snyk-agent-scanlocal Homebrew formula metadata
overview
Constrain, log and scan your MCP connections for security vulnerabilities
history
Snyk Agent Scan is Snyk's CLI for discovering and scanning local AI agent components, MCP servers, skills, and related configuration for security risks. It reflects the new package-manager problem of executable agent ecosystems: installed tools are no longer just binaries, they are prompts, skills, MCP configs, and commands that may run during inspection.
The public GitHub repository was created in 2025. Its README describes Agent Scan as a tool for inventorying installed agent components and scanning for prompt injections, sensitive data handling, malware payloads hidden in natural language, tool poisoning, toxic flows, and vulnerabilities in agent skills.
The README notes that CLI output is experimental and that Agent Scan 0.4 was published with a technical report on emerging threats in the agent skill ecosystem, indicating a young tool aimed at a fast-changing area.
Official usage examples install and run the tool with `uvx snyk-agent-scan@latest`, while the input records a Homebrew formula. The supported-agent matrix includes mainstream developer agents such as Claude, Cursor, Windsurf, Gemini CLI, VS Code, Codex, Amazon Q, and others.
Users can run a full machine scan, scan a specific MCP configuration file, scan one skill file, or scan a directory of skills. The README warns that scanning MCP configurations may execute commands defined in those configs, so the CLI includes interactive consent and a deliberately named flag for trusted non-interactive runs.
Package nerds care because Agent Scan treats local agent configuration as supply chain surface. It scans the places modern developer tools install behavior, including project, user, system, extension, and plugin scopes, making it relevant to anyone packaging or auditing AI-enabled command-line environments.
security posture
No matching local secret-handling manifest was found for snyk-agent-scan. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
snyk-agent-scan | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/snyk/agent-scan
install metadata
| Package key | brew:snyk-agent-scan |
|---|---|
| Version | 0.5.12 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/snyk-agent-scan |
| Homepage | https://github.com/snyk/agent-scan |
| Repository | https://github.com/snyk/agent-scan |
| Upstream docs | https://github.com/snyk/agent-scan#readme |
| License | Apache-2.0 |
| Source archive | https://files.pythonhosted.org/packages/12/29/7e0b0f90353d02b73a254580d7b2e760f3ecfe3bcbf364b28593d15163eb/snyk_agent_scan-0.5.12.tar.gz |
| Last updated | 2026-06-24T14:11:04Z |
| Pulse | updated |
| Dependencies | certifi, cryptography, libyaml, pydantic, python@3.14, rpds-py |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | snyk-agent-scan |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.