Skip to content
Tech News
← Back to articles

Show HN: Scan your AI agents for dangerous capabilities

read original more articles

πŸ›‘οΈ MakerChecker The open-source security layer for AI agents. Deny-by-default enforcement, human approvals, and a cryptographically signed audit trail β€” so your agent runs only what it's granted and provably can't approve its own work. Website Β· Live Demo Β· mc scan Β· Docs

Your agents keep running in their existing framework (LangChain, Claude SDK, CrewAI). MakerChecker sits in front of every tool call as a checkpoint and behind it as a signed ledger: an agent acts only through a role, runs only the skills it was granted, cannot exceed its limits, and cannot approve its own work.

πŸš€ Quick Start

1 β€” Scan your code

Find what your agent can already do on its own, classified by risk. No install, nothing leaves your machine:

npx @makerchecker/scan .

It flags every consequential action β€” deleting data, moving money, running shell commands, exfiltrating secrets β€” names each against the real incident it resembles, and can write the governance code for you with --fix . β†’ packages/scan

2 β€” Guarantee its behavior

Import the controls and wrap any tool. The agent can now only run what its role was granted β€” a call it isn't allowed is denied before it executes:

npm i @makerchecker/embedded

... continue reading