Your developers are running AI agents you don't know about.

Claude Code, Cursor, Copilot, MCP servers -- installed without approval, running with full access to source code and credentials. One command finds all of them and shows you what to fix.

$ npx opena2a-cli review

Run a full security review -- opens an HTML dashboard in your browser

$ npx opena2a-cli init
Scan Your ProjectView on GitHub

170K+

MCP servers cataloged

1.1M+

packages in registry

147

security checks

20+

AI agents detected

From the founders of CyberSecurity NonProfit (12,000+ security professionals)

Assess. Fix. Harden.

One command for a full security review. Then fix and harden.

Google API keys grant unintended AI access

Keys provisioned for Google Maps or Places can silently invoke Gemini LLM endpoints. AWS keys intended for S3 may reach Bedrock AI. OpenA2A detects these cross-service privilege escalations and creates deny-all broker policies.

DRIFT-001

Google API key can access Gemini AI

Maps/Places key invokes Gemini LLM endpoints

DRIFT-002

AWS key can invoke Bedrock LLMs

S3/EC2 key has Bedrock AI permissions

Terminal
$ opena2a init --verbose
Scope Drift Detected
DRIFT-001 Google Maps key -> Gemini AI src/config.js:5
DRIFT-002 AWS S3 key -> Bedrock AI src/aws.js:1
[CRITICAL] Migrate 2 drifted credentials
Run: opena2a protect

What it finds

Six categories of findings across credential, configuration, runtime, and supply chain security.

Hardcoded Credentials

Anthropic, OpenAI, Google, AWS, GitHub, and generic API key patterns across all source files.

CRED-001 through CRED-004

Scope Drift

API keys provisioned for one service that silently grant access to AI models. Google Maps to Gemini, AWS S3 to Bedrock.

DRIFT-001 and DRIFT-002

Config Integrity

SHA-256 signing for config files. Detect unauthorized modifications to package.json, mcp.json, Dockerfile.

opena2a guard sign/verify

Runtime Monitoring

Process, network, and filesystem activity monitoring. Protocol-aware scanning for MCP, A2A, and OpenAI endpoints.

opena2a runtime start

Supply Chain Verification

Binary integrity checks against the OpenA2A Trust Registry. Detect tampering in installed packages.

opena2a verify

Project Hygiene

.gitignore coverage, .env protection, lock file presence, MCP config detection, security config assessment.

Trust Score 0-100

Three tools that cover the full lifecycle

Detect shadow AI, scan for vulnerabilities, and lock down credentials.

Discovery
opena2a detect

opena2a detect

Discover shadow AI agents, MCP servers, and AI configs running in your project. Governance score shows what's governed and what's not.

Get started
Security testing
npx hackmyagent

hackmyagent

147 security checks across 30 categories. Finds credential leaks, injection vulnerabilities, and MCP misconfigurations.

Get started
Credential safety
npx secretless-ai

secretless

Keeps API keys and secrets out of AI tool context. Supports Claude Code, Cursor, Copilot, Windsurf.

Get started
See all 8 tools

Language-aware migration

Credential replacements match your language's env var idiom.

JavaScriptprocess.env.API_KEY
Pythonos.environ.get('API_KEY')
Goos.Getenv("API_KEY")
RubyENV['API_KEY']
JavaSystem.getenv("API_KEY")
Ruststd::env::var("API_KEY")

CI/CD integration

All commands support --format json and --ci flags.

# GitHub Actions
- name: Security assessment
  run: npx opena2a-cli init --ci --format json

- name: Credential check
  run: |
    npx opena2a-cli protect --dry-run --ci
    # Fail if credentials found

- name: Config integrity
  run: npx opena2a-cli guard verify --ci

Find leaked credentials in 30 seconds

One command scans your project for hardcoded secrets, scope drift, and misconfigurations. No signup required.

$ npx opena2a-cli review
Scan Your ProjectView on GitHub

Stay Updated on AI Agent Security

Subscribe to our newsletter for weekly insights, vulnerability alerts, and best practices