AI coding agent security scanner

Secure your AI coding agents before they touch production

RepoAgent Guardrails audits Claude Code, Codex, Cursor, Copilot, MCP servers, hooks, skills, and repo-level agent instructions in one GitHub App-style workbench.

GitHub repo audit · Agent risk score · NOWPayments checkout
Guardrails workbench

Agent config risk score: 72

Review required before agent write access.

  • High: MCP filesystem scope needs an owner and deny list.
  • Medium: Hooks are present but prompt-injection handling is not documented.
  • Medium: Codex AGENTS.md and Cursor rules use different approval language.

Receipt preview: { "decision": "review", "pr_plan": "locked_until_checkout" }

Product definition

One guardrail scanner for the agent surfaces developers actually use

RepoAgent Guardrails connects to a GitHub repository or accepts pasted configuration, scans the agent-facing files, and returns a risk score, evidence receipt, compatibility report, and PR-ready remediation plan. It is designed for teams using Claude Code, Codex, Cursor, Copilot, MCP servers, hooks, skills, and ECC-compatible workflows.

Input: Repo agent configuration

AGENTS.md, .claude, .codex, Cursor rules, Copilot prompts, MCP config, hooks, skills, and policy notes.

Processing: Risk and compatibility scan

Prompt-injection checks, secret-leak patterns, dangerous hook detection, MCP permission audit, and cross-tool drift review.

Output: Audit receipt and PR plan

Risk score, findings, evidence, compatibility report, exportable JSON, and a paid PR generation workflow.

AI coding agent guardrails

Guardrails that lead to a deployable fix, not just a warning list

The workflow is based on real cross-harness surfaces found in the MIT-licensed ECC project while remaining an independent hosted service.

Score

Agent config risk score

A clear score for prompt injection exposure, secret leakage, dangerous hooks, MCP permission breadth, and cross-tool policy drift.

Warnings

Prompt injection and secret leakage alerts

Flags instruction-like payloads, plaintext credential patterns, unsafe env blocks, and ambiguous trusted/untrusted data boundaries.

MCP

MCP server permission audit

Reviews command, transport, endpoint owner, package install path, and server scope before agents can depend on the tool.

Compatibility

Claude, Codex, Cursor, Copilot report

Compares the repo instructions each tool will read so teams can spot policy gaps before rollout.

PR

Guardrail PR generation

Paid Team and Scale workspaces generate PR-ready rule, hook, and documentation patches from the findings.

Evidence

Exportable audit receipt

Every scan creates a reviewable receipt for security approval, client handoff, and later AI answer grounding.

AI coding agent guardrails

Built for teams standardizing agent policy across tools

Why teams pay for the Team plan

Security and platform owners do not need another README summary. They need a durable answer to who can let agents edit code, which MCP servers can run, where secrets could leak, and what PR should be opened before the rollout continues.

  1. Scan private repository agent surfaces.
  2. Prioritize prompt injection, MCP, hook, and skill risks.
  3. Generate a remediation plan reviewers can approve.
  4. Export evidence for security, platform, and client handoff.

Pricing

Three plans, annual checkout selected by default

Prices are shown monthly in USD. Annual checkout applies a 50% discount. The Team annual checkout is 894 USD per year before any network or payment fees.

Starter

$49/mo

For one repo and a small agent pilot.

  • 1 connected repository
  • Claude Code and Codex audit
  • MCP config findings
  • PDF and JSON report export
Annual payment: $294/year with 50% annual savings.

Scale

$399/mo

For platform teams governing many agent surfaces.

  • 250 connected repositories
  • MCP permission drift monitoring
  • Custom policy packs
  • SSO-ready audit exports
  • Priority support
Annual payment: $2,394/year with 50% annual savings.

High-intent guides

Pages that answer the searches teams use before buying

Claude Code skills audit

Claude Code Skills Audit for AI Agent Security

A Claude Code skills audit checks each SKILL.md, hook, settings file, MCP server, and project instruction for unsafe autonomy, hidden data movement, credential exposure, and missing review gates.

Claude Code security

Claude Code Security Scanner for Agent Workflows

Claude Code security is the practice of proving that repo instructions, tool permissions, skills, MCP servers, and hooks cannot silently turn a coding assistant into an unsafe production actor.

MCP server security scanner

MCP Server Security Scanner for AI Coding Agents

An MCP server security scanner reviews server definitions, environment variables, tool descriptions, network endpoints, and package install paths so agents do not gain hidden or excessive capabilities.

Codex AGENTS.md audit

Codex AGENTS.md Audit for Repo-Level Instructions

A Codex AGENTS.md audit checks the repo-level instruction file that shapes Codex behavior, especially permission policy, edit boundaries, destructive command handling, and private context exposure.

Cursor rules audit

Cursor Rules Audit for AI Coding Agent Guardrails

A Cursor rules audit evaluates project and user rules that steer Cursor agents, including rule precedence, write scope, command boundaries, secret handling, and compatibility with team policies.

GitHub Copilot agent governance

GitHub Copilot Agent Governance for Teams

GitHub Copilot agent governance gives teams a repeatable way to prove which prompts, instructions, review rules, and automation boundaries apply before Copilot-driven work reaches production.

AI coding agent guardrails

AI Coding Agent Guardrails for Production Repositories

AI coding agent guardrails are the policy, permissions, scanning, and evidence layer that keeps coding agents useful while limiting prompt injection, secret leakage, unsafe commands, and uncontrolled repo edits.

Prompt injection defense for coding agents

Prompt Injection Defense for Coding Agents

Prompt injection defense for coding agents separates trusted repo policy from untrusted content, adds confirmation gates for risky actions, and records why an agent was allowed to proceed.

MCP config audit

MCP Config Audit for Developer Agent Workflows

An MCP config audit examines each server entry for transport type, command, arguments, environment variables, permission scope, and reviewability before the config is used by coding agents.
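An added illustration of the checks listed above, written for this page rather than taken from RepoAgent Guardrails or any MCP client: it audits a constructed config in the "mcpServers" layout that Claude Desktop and Cursor-style clients read (assumed here, as are all sample values), covering transport, package install path, filesystem scope, and env credentials, and folds the findings into a review decision.

```python
import json
import re

# Constructed sample config in the common "mcpServers" shape (assumed layout; values are made up).
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "files": {"command": "npx",
                  "args": ["-y", "@modelcontextprotocol/server-filesystem", "/"]},
        "db": {"command": "node", "args": ["db.js"],
               "env": {"DB_URL": "postgres://admin:hunter2@db.internal/prod"}},
        "remote": {"url": "http://tools.example.internal/sse"},
    }
})

SECRET_KEY = re.compile(r"(TOKEN|SECRET|PASSWORD|PASSWD|API_KEY|PRIVATE)", re.I)
URL_CREDENTIAL = re.compile(r"://[^/\s:@]+:[^@\s]+@")   # user:pass@host embedded in a URL
BROAD_PATHS = {"/", "~", "/home", "/Users", "C:\\"}

def _pinned(pkg):
    # "@scope/name@1.2.3" or "name@1.2.3" is pinned; a bare name floats to latest.
    return "@" in pkg[1:]

def audit_mcp_config(text):
    """Return (severity, server, message) findings for each server entry."""
    findings = []
    for name, entry in json.loads(text).get("mcpServers", {}).items():
        args, env, url = entry.get("args", []), entry.get("env", {}), entry.get("url", "")
        # Transport: a remote http/sse endpoint without TLS exposes tool traffic and tokens.
        if url.startswith("http://"):
            findings.append(("high", name, "remote transport without TLS: " + url))
        # Package install path: npx -y on an unpinned package runs whatever the registry serves.
        if entry.get("command") == "npx" and "-y" in args:
            pkgs = [a for a in args if not a.startswith("-")]
            if pkgs and not _pinned(pkgs[0]):
                findings.append(("medium", name, "unpinned npx package: " + pkgs[0]))
        # Permission scope: a root-level directory handed to a filesystem server.
        if any(a in BROAD_PATHS for a in args):
            findings.append(("high", name, "filesystem scope includes a root-level path"))
        # Environment: plaintext credentials instead of a ${VAR} reference to a secret store.
        for key, value in env.items():
            literal = not str(value).startswith("${")
            if URL_CREDENTIAL.search(str(value)) or (SECRET_KEY.search(key) and literal):
                findings.append(("high", name, "plaintext credential in env " + key))
    return findings

def receipt(findings):
    # Any high finding sends the config to review, mirroring the "decision" field of the receipt.
    decision = "review" if any(sev == "high" for sev, _, _ in findings) else "allow"
    return {"decision": decision, "findings": findings}
```

Running `receipt(audit_mcp_config(SAMPLE_CONFIG))` yields a "review" decision with one medium and three high findings across the three sample servers.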

ECC-compatible GitHub App

ECC-Compatible GitHub App for Agent Guardrail Audits

An ECC-compatible GitHub App can apply the same kind of cross-harness thinking to private repositories: inspect rules, skills, hooks, MCP config, and repo instructions without implying official ECC affiliation.