AI agents are powerful.
Misconfigured agents are dangerous.
Agent frameworks give AI systems tools, autonomy, and memory. A single misconfiguration — unrestricted tool access, no human approval, no execution limits — can let an agent act beyond its intended scope. Scandar catches these issues before deployment.
WHAT IT DETECTS
15 universal rules + framework-specific checks.
Universal rules apply to every agent config regardless of framework. Framework-specific rules catch issues unique to each platform.
Missing Human-in-the-Loop
Detects agents that can act autonomously without approval checkpoints or confirmation hooks.
Unrestricted Autonomy
Flags missing execution limits, unbounded iteration counts, and agents with no max turns or timeout.
Overpermissive Tools
Catches wildcard tool access, "all" permissions, and tool lists that grant more access than needed.
Hardcoded Credentials
Identifies API keys, tokens, and secrets embedded directly in agent configuration files.
Missing Rate Limits
Flags agents with no rate limiting, throttling, or cost controls on API or tool invocations.
Unsafe Memory Access
Detects unrestricted context windows, unscoped memory access, and missing memory boundaries.
Missing Output Validation
Catches agents that pass tool outputs directly without validation, sanitization, or format checks.
Dangerous Defaults
Flags debug modes, verbose logging, missing audit trails, unrestricted network access, and unsafe permissions.
SUPPORTED FRAMEWORKS
9 frameworks. 52 framework-specific rules.
Scandar auto-detects the framework from your config file and applies the right rules automatically. Universal rules always run on top.
CrewAI8 rules
Detects unsafe delegation chains, missing task validation, unscoped memory access, and overpermissive agent roles
LangChain / LangGraph7 rules
Catches unrestricted tool access, missing output parsers, unsafe agent executors, and unvalidated chain outputs
AutoGen6 rules
Flags unsandboxed code execution, missing termination conditions, unmoderated group chats, and unrestricted Docker access
OpenAI Assistants6 rules
Identifies unrestricted code interpreter, overly broad file search, missing function scoping, and expired run handling
OpenAI Agents SDK5 rules
Detects unrestricted handoffs between agents, missing guardrails, and unvalidated tool choice overrides
Claude Agent SDK5 rules
Catches missing confirmation hooks, unrestricted tool use, and absent stop conditions that allow runaway execution
Semantic Kernel5 rules
Flags auto-invoked functions without approval, unsafe plugin injection, and unrestricted planner access
Amazon Bedrock5 rules
Identifies overly broad action groups, missing guardrail ARN references, and sessions without TTL limits
Google Vertex AI5 rules
Detects missing safety settings, disabled grounding, absent tool restrictions, and agents without timeout limits
HOW IT WORKS
Drop a config. Get a security audit.
01
Upload
Drop your agent config file — YAML, JSON, Python, or any framework format. Or paste the content directly.
02
Detect & scan
Scandar auto-detects the framework, applies 15 universal rules plus framework-specific checks. Results in milliseconds.
03
Fix & ship
Every finding includes severity, matched content, and remediation guidance. Fix the issues and deploy with confidence.
Scan Your Agent Config
Drop a config file or paste the content. Results in milliseconds.
Scan an Agent ConfigENTERPRISE
Need fleet-wide AI security?
Scandar Overwatch gives you real-time visibility into every agent in your organization — policies, compliance reports, alert routing, and kill chain detection. Self-serve setup in 25 minutes.
Explore Overwatch →