NOW IN BETA · OWASP LLM TOP 10 COVERAGE

Security scanning
built for AI agents

AgentCop automatically audits your LLM-powered agents for prompt injection, data exfiltration, privilege escalation, and 50+ other attack vectors — before they reach production.

Scan Your Agents Free See How It Works ⭐ Star on GitHub
Open Source — MIT Licensed
No signup required
Powered by Sentinel 🚨
agentcop — AST analysis running
AgentCop — Security Scan Initiated
Taint analysis · call graph · rule engine
CRITICAL · Prompt Injection [CWE-20]
agent.py:84 — user input → llm.invoke unsanitized
WARNING · Command Injection [CWE-78]
tools.py:31 — taint → subprocess.run shell=True
PROTECTED · Input Validation
sanitize_input() guards detected
WARNING · Secret Exposure [LLM09]
Hardcoded API key in llm_config
1 Critical 2 Warning 1 Protected
Score: 52/100
THREAT DETECTED
⚡ Real AST analysis

Works with your stack

LangGraph CrewAI AutoGen LlamaIndex Haystack Semantic Kernel
9
Frameworks
50+
Attack signatures
AST
Real taint analysis
MIT
Licensed
CAPABILITIES

Everything you need to ship
secure AI agents

From static code analysis to runtime behavioral monitoring, AgentCop gives your team complete visibility into agent security posture.

Prompt Injection Detection

Identifies unsanitized user inputs that could manipulate your agent's system prompt or override safety instructions.

CWE-20 OWASP LLM01

Taint Flow Analysis

AST-based data flow tracking follows tainted sources (user input, env vars, HTTP) through your code to dangerous sinks (eval, exec, subprocess).

CWE-78 OWASP LLM02

Call Graph Analysis

Detects recursive agent loops without depth limits, unbounded retry patterns, and missing termination conditions that can cause runaway costs.

OWASP LLM04 Loop detection

Framework-Aware Rules

Detects framework-specific misconfigurations: LangChain missing guardrails, AutoGen no termination, CrewAI unbounded delegation, and more.

LangChain AutoGen CrewAI

AI-Generated Fix Diffs

Sentinel generates targeted before/after code patches for every critical and warning finding — not generic advice, actual code fixes.

Auto-fix Code diffs

GitHub & ZIP Support

Point at a public GitHub repo, drop a ZIP archive, or paste code directly. All Python files analyzed recursively with import graph tracking.

GitHub repos ZIP upload
HOW IT WORKS

From code to confidence
in three steps

1

Paste, Upload, or Link

Paste Python code, drop a ZIP archive, or enter a public GitHub repo URL. No install or signup required.

2

Real AST Analysis

The engine builds a call graph, runs taint flow analysis, and fires 50+ OWASP LLM Top 10 rules — all in seconds.

3

Fix with Sentinel

Get Sentinel's verdict, a security score, and before/after code patches generated by Claude for every critical finding.

OWASP LLM TOP 10

Built around OWASP LLM Top 10

AgentCop is the only scanner purpose-built for agentic systems, covering all OWASP LLM Top 10 categories plus agent-specific risks not found in traditional SAST tools.

LLM01
Prompt Injection
LLM02
Insecure Output
LLM05
Supply Chain
LLM07
Plugin Security
LLM09
Overreliance
agent.py — AgentCop fix suggestion AUTO-FIX AVAILABLE
def handle_user_message(user_input: str):
-system_prompt = BASE_PROMPT + user_input
+sanitized = sanitize_input(user_input)
+system_prompt = BASE_PROMPT
 
+messages = [
+  {"role": "system", "content": system_prompt},
+  {"role": "user", "content": sanitized},
+]
 
response = client.chat(messages=messages)
return response
Separates system/user roles to prevent instruction override attacks
OPEN SOURCE

Open Source & Free Forever

AgentCop is fully open source. No plans, no paywalls, no credit card required.

Try the Scanner Now ⭐ Star on GitHub
LIVE SCANNER · OWASP LLM Top 10 · Real AST Analysis

Scan your agent now

Paste code, upload a ZIP, or point at a GitHub repo. No signup required.

~5–30s