AI Agent and MCP Plugin Security Scanner for Natural Language Attacks

dev tool venture scale ••• trending

As AI agents use MCP servers, skills, and plugins with natural language instructions, a new attack surface has emerged: prompt injection and social engineering hidden in tool descriptions and markdown files. Traditional code scanning misses 60% of these risks because the attacks are in prose, not code.

builder note

Don't build another generic prompt injection detector. The opportunity is specifically in the SUPPLY CHAIN angle: scanning registries and marketplaces of agent tools before they get installed. Think npm audit but for MCP servers. The moat is building the largest database of known attack patterns in natural language instructions.

landscape (3 existing solutions)

This space barely existed 6 months ago and is moving fast. Snyk and AgentSeal are the early movers but the tooling is still immature. The specific gap is scanning the SUPPLY CHAIN of AI agents: the skills, plugins, and MCP server descriptions that agents trust implicitly. As agent marketplaces grow, this becomes a critical infrastructure need.

Snyk agent-scan Very early stage. Scans for common threats but the natural language attack detection is basic. Focused on inventory more than deep analysis.

AgentSeal More comprehensive with 380+ attack probes, but still nascent. Uses three AI agents to red-team, which means scan costs are non-trivial.

Microsoft Prompt Shields Focused on content safety and prompt injection in user messages, not on scanning tool descriptions and skill files for embedded attacks.

sources (2)

hn https://news.ycombinator.com/item?id=47204228 "Surface scanning misses roughly 60% of the actual risk" 2026-03-01

other https://www.keysight.com/blogs/en/tech/nwvs/2026/01/12/mcp-c... "MCP command injection: new attack vector" 2026-01-12

AI-agentssecurityMCPsupply-chainprompt-injection