Aguara FAQs

Question 1

What types of threats can Aguara detect?

Accepted Answer

Aguara detects over 160 types of security threats across 12 categories. This includes prompt injection, credential leakage, supply chain attacks, data exfiltration, remote code execution, insecure MCP configurations, and more, using pattern, NLP, and toxic-flow analysis engines.

Question 2

How do AI agents integrate and use Aguara?

Accepted Answer

AI agents can integrate Aguara as an MCP server using simple commands for platforms like Claude Code, Claude Desktop, Cursor, or any MCP client. Once integrated, agents can use dedicated tools like `scan_content` for text, `check_mcp_config` for configurations, and `list_rules` to consult Aguara for security advice.

Question 3

Does Aguara require network access or cloud dependencies?

Accepted Answer

No, Aguara operates entirely locally with zero network access, no LLM calls, and no cloud dependencies. It runs in-process, offering deterministic, sub-millisecond scan times, ensuring privacy and high performance without external communication.

Question 4

What is Aguara and how does it secure AI agents?

Accepted Answer

Aguara is an open-source MCP server that provides AI agents with critical pre-installation security scanning capabilities. It allows agents to assess skills, plugins, and configurations for threats like prompt injection, credential theft, and remote code execution *before* they are installed or run, acting as a crucial security advisor.

Question 5

What makes Aguara's security robust?

Accepted Answer

Aguara is security-hardened by design, featuring no subprocess execution (it runs as an in-process Go library), strict input validation, filename sanitization, and version integrity verification. This prevents common attack vectors like PATH hijacking and ensures reliable, secure operation.

Aguara

Aguara

主な機能

ユースケース

主な機能

ユースケース