Read-only AI agent CLI security audit for hidden global Skill routing, credential inheritance, bridge snapshots, and over-broad permissions.
Find out when a globally installed AI Agent CLI changes routing, spreads one Skill across multiple hosts, or exposes credentials to unrelated child agents.
Agent CLI Scope Guard is a read-only, dependency-free Python auditor for local Agent configuration. It reports evidence without collecting secret values and never removes Skills, stops processes, changes permissions, publishes, or deploys.
View the source on GitHub · 中文 README
danger-full-access and no-approval execution amplify a routing mistake.git clone https://github.com/xiaoqi-AI/agent-cli-scope-guard.git
cd agent-cli-scope-guard
python -m pip install -e .
agent-scope-guard --json --fail-on high
Python 3.11 or newer is required. Secret values are never emitted.
A global route, ambient credential, or bridge snapshot is an observed local risk. It does not by itself prove malicious behavior or remote exfiltration. The project keeps observed evidence, bounded inference, and confirmed events separate.