Ai Security Auditor

Comprehensive security auditing for AI agents, covering prompt injection, tool permissions, and data leakage risks.

Install
cmdop skills install agensi-ai-security-auditor

AI Security Auditor is a skill published by agensi that evaluates AI agent configurations, prompt templates, and MCP tool integrations for security vulnerabilities. It applies the 2025 OWASP Top 10 for LLM Applications as its auditing framework, surfacing issues that standard code linters do not cover.

The skill performs four distinct classes of analysis. Injection detection scans prompts for direct and indirect injection vectors, including second-order threats originating from RAG pipelines or tool outputs. Permission boundary auditing reviews MCP server and tool definitions to flag overly permissive access to filesystems, networks, or databases. Data leakage prevention scans system prompts and conversation logs for PII, secrets, and hardcoded credentials. Agency assessment identifies Excessive Agency risks by checking whether high-impact actions have human-in-the-loop gates in place.

Findings are delivered as a structured audit report with prioritized remediations mapped to specific lines of code, making results actionable rather than advisory. The skill is described as compatible with agent frameworks and MCP setups, and its output is designed to support security reviews and compliance documentation.

This skill is appropriate when moving AI agents from a development sandbox toward production and needing a systematic security checkpoint. It is not a runtime firewall or a general-purpose static analysis tool — it focuses specifically on the LLM agent security surface.

Use cases

  • Audit MCP server tool definitions for overly permissive filesystem, network, or database access
  • Scan system prompts and prompt templates for direct and indirect injection vectors
  • Detect PII, secrets, and hardcoded credentials in system prompts or conversation logs
  • Identify Excessive Agency risks where high-impact agent actions lack human-in-the-loop controls
  • Generate a structured audit report suitable for security review or compliance documentation
  • Apply the 2025 OWASP Top 10 for LLM Applications to an agent codebase before production deployment

When to use it

  • Before promoting an AI agent from sandbox to production
  • When an agent integrates with MCP servers that have access to sensitive resources
  • When prompt templates are authored by multiple contributors and injection surface is unclear
  • When compliance or security review documentation is required for an AI system

When not to use it

  • As a runtime firewall or real-time request filter — this is an audit skill, not live protection
  • For auditing non-agent software that does not involve LLM prompts or MCP tool integrations
  • When a general-purpose SAST or dependency vulnerability scanner is what is needed