prism-scanner

Tools · Apache-2.0

Overview

A security scanner for AI Agent skills, plugins, and MCP servers, offering static analysis with taint tracking and residue detection.

Capabilities

  • prompt templates
  • github integration
  • mcp client integration
  • workflow automation support

Best For

prism-scanner is a Python security tool for scanning AI Agent skills, plugins, and MCP servers via static analysis and taint detection.

Decision Snapshot

  • Install: available
  • Usage: available
  • Config: 3 strong hints
  • Capabilities: 4 key capabilities detected

  • GitHub stars: 8
  • Forks: 1
  • Source provenance count: 1
  • Last seen: 3/24/2026
  • Published: 3/18/2026

Installation / Setup

pip install prism-scanner
# Scan a local skill directory
prism scan ./my-skill/
# Scan a GitHub repo directly

Usage

# Scan a local skill directory
prism scan ./my-skill/
# Scan a GitHub repo directly

Features

  • **Taint Analysis** — Tracks data flow from sources (env vars, user input) to sinks (shell, network) within each file
  • **Zero Dependencies on Target** — Pure static analysis; never executes scanned code
  • **Residue Scanner** — Detects persistence mechanisms, shell config pollution, and credential leaks left by uninstalled tools
  • **Safe Cleanup** — Three-tier workflow (scan -> plan -> apply) with automatic backup and --rollback
  • **Suppression** — Use .prismignore to suppress known findings by rule ID with justification
  • **Offline Mode** — Run with --offline to skip all external lookups

Use Cases

  • Supports capabilities such as: prompt templates; github integration; mcp client integration.
  • Common usage themes: security, scanner, ai-agent, skill.

Compatibility Signals

  • GitHub: supports (Detected in parser config/capability hints.)

Notes / Requirements

  • Primary language: Python
  • License: Apache-2.0
  • Parser coverage score: 1.00
  • Source feeds: PyPI RSS + JSON API
  • Topic cluster: general

Source Information

Community: 8 stars
Last Updated: Mar 24, 2026
Python · Apache-2.0

You can verify all information on this page against the source repository above.
