Security & trust for AI agents · Live on MCP

The security layer for AI agents.

Give your AI agent pay-per-call access to 22 cybersecurity tools — vulnerability scans, threat intel, compliance checks, code security — so it can check what it's about to touch before it acts. Built on the open-source engines you already trust (nmap, Nuclei, Semgrep, sslyze, trufflehog, trivy). Pay per call via API key or x402 USDC on Base. No subscriptions, no minimums.

Try the Demos → Get Beta Access

Security Tools

Compliance Frameworks

Cheapest Call

MCP

Native Integration

How It Works

Built for autonomous AI agents

Drop-in MCP server with structured tool definitions. Your agent calls them. We wrap battle-tested open-source engines (nmap, Nuclei, sslyze, Semgrep, trufflehog, trivy) and threat-intel APIs (NVD, AbuseIPDB, OTX) so you get the tools you already trust, billed per call.

Connect

Add AgentAegis to your MCP client config (Claude Desktop, custom agent, n8n) or POST to /mcp over HTTP.

Authorize

Use an API key (monthly budget) or pay per call with x402 micropayments — USDC on Base. No subscription, no commitment.

Call tools

Your agent invokes any of 22 tools — compliance checks, vuln scans, code audits, threat intel — with structured input/output.

Get structured results

Tools return JSON your agent can act on directly. Severity ratings, remediation steps, references — all machine-readable.

Tool Catalog

22 cybersecurity tools, agent-native

Wrappers around best-in-class engines (nmap, Nuclei, sslyze, Semgrep, trufflehog, trivy) plus framework-aware compliance logic and threat intel aggregation. Full open-source attribution at NOTICE.md. The trust layer — agent-facing verdicts like vet_endpoint — is coming next.

compliance_framework_check$2.00

Assess posture against SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST CSF

Compliance

evidence_collect$1.00

Generate evidence collection plans for audit controls

Compliance

control_gap_analysis$2.00

Prioritized remediation roadmap with effort estimates

Compliance

audit_report_generate$5.00

Audit-ready compliance reports for board, auditor, regulator

Compliance

policy_generate$2.00

Tailored security policies (incident response, access control, etc.)

Compliance

vuln_scan_network$3.00

Scan IPs/domains for open ports, services, vulnerabilities

Vuln Mgmt

vuln_scan_web_app$5.00

OWASP Top 10 web app vulnerability scan

Vuln Mgmt

vuln_prioritize$1.00

EPSS + business-context risk scoring

Vuln Mgmt

cve_lookup$1.00

CVE details, CVSS, KEV status, patches

Vuln Mgmt

ssl_tls_audit$1.00

Cert validity, protocols, ciphers, vulnerabilities

Vuln Mgmt

sast_scan$5.00

Static analysis for security vulnerabilities (8+ languages)

Code

secret_scan$2.00

Detect hardcoded secrets, API keys, tokens

Code

dependency_audit$2.00

CVE check across npm, pip, Go, Ruby, Java, Cargo

Code

incident_triage$3.00

Classify incidents, generate response plans, suggest containment

Blue Team

threat_intel_lookup$2.00

IOC lookup against threat intel feeds

Blue Team

dns_security_check$1.00

SPF, DKIM, DMARC, DNSSEC, dangling records

Blue Team

email_security_audit$2.00

Comprehensive email security with hardening recommendations

Blue Team

access_review$1.00

Audit user access against least-privilege principles

Identity

mfa_audit$1.00

MFA coverage and method strength assessment

Identity

credential_check$2.00

Check email/domain in known breach databases

Offensive

vet_endpointSoon

Composite trust verdict before your agent pays an unknown endpoint — SSL, domain age, threat intel, breach exposure, on-chain reputation → PROCEED / CAUTION / BLOCK

Trust Layer · Coming soon

scan_mcp_pluginSoon

Scan an MCP server or agent skill for malicious patterns before your agent installs or trusts it

Trust Layer · Coming soon

kya_verifySoon

Know-Your-Agent attestation, built on Mastercard's Verifiable Intent

Trust Layer · Coming soon

agent_reputationSoon

On-chain wallet/agent reputation lookup to gauge counterparty risk

Trust Layer · Coming soon

See It In Action

Six interactive demos

Watch AgentAegis run against a fictional fintech, Quill Finance. Realistic findings, real tool output, no signup required.

90-second security audit →

SSL, DNS, email security, breach exposure — combined into one report card.

4 tools · ~6s

SOC 2 readiness check →

Score, gaps, prioritized 90-day roadmap with effort + cost estimates.

2 tools · ~7s

code security audit →

SAST + secrets + dep CVEs on a fake repo. 22 findings with exact line numbers.

3 tools · ~8s

incident triage at 3am →

Brute-force on admin account → classification, threat intel, containment plan.

3 tools · ~5s

policy generator →

Interactive — pick a policy type and watch a tailored document render live.

1 tool · interactive

network pen test →

Full nmap + Nuclei + risk prioritization. 26 findings, 8 prioritized actions.

3 tools · ~10s

View all demos →

Pricing

Pay only for what your agent calls

Two payment methods. Same per-call prices. No subscriptions, no monthly minimums.

API Key

Best for agents you control. Set a monthly budget, get usage analytics.

Same per-call pricing as x402
Set monthly spend limits
Usage dashboard & analytics
Webhooks for async scans
Top up via card or invoice

Get Beta Access

Agent-native

x402 Micropayment

No signup. Your agent pays per call via USDC on Base. Pure pay-as-you-go.

No registration required
USDC on Base (mainnet)
Settlement in seconds
Standard x402 protocol
Works with any x402 client

Get Beta Access

Integration

Drop in. Done.

Add AgentAegis to your MCP client in one block. Works with Claude Desktop, custom agents, n8n, LangChain, and anything that speaks MCP.

claude_desktop_config.json

"mcpServers": {
  "agentaegis": {
    "command": "node",
    "args": ["./agentaegis-mcp/dist/index.js"],
    "env": {
      "AGENTAEGIS_API_KEY": "aegis_..."
    }
  }
}