Skip to main content

Try Snyk’s Latest Innovations in AI Security

Identify your AI models, test your AI systems against attacks, and scan your MCPs

Snyk customers now have access to Snyk AI-BOM and Snyk Agent Scan in experimental preview – with more to come!

A command-line tool called "mcp-scan" analyzing a server's tools. The scan flags a prompt injection error, a tool description warning, and two "toxic flow" warnings for a potential date leak and destructive action.

Agent Scan

Agent Scan is an open source tool for analyzing Model Context Protocol (MCP) setups. It automatically discovers and secures MCP servers (e.g Claude, Cursor, Windsurf), Agent Skills, and Data pipelines, and scans them for common security issues such as prompt injection, tool poisoning, toxic flows, and other vulnerabilities.

Start with these commands:

Try the Free CLI:

uvx snyk-agent-scan@latest --skills

Scans your installed servers for security vulnerabilities in tools, prompts, and resources (automatically discovers MCP configs, including Claude, Cursor, Windsurf, etc.). Identify Toxic Skills via SKILL.md files containing obfuscated malware, backdoors, and prompt injection payloads.

Inspect any skill before you install it — right from your web browserView docs
A close-up of a terminal window showing the command $ snyk aibom and its resulting JSON output, which is an AI Bill of Materials in the CycloneDX format.

Snyk AI-BOM

Identify your AI models, datasets, MCPs, and more. Map your entire AI supply chain across all your apps with Snyk’s AI Bill of Materials – available in both our CLI and as an API.

Start with this command:

$ snyk aibom --experimental [<OPTION>]

For Python projects using Snyk CLI v1.1298.3 (or later).

You can also use the Snyk AI-BOM API - get started here.

View Docs

Sign up for updates

Join Snyk Labs in leading AI security innovation

Sign up today and be part of building a more secure AI-native tomorrow.

Follow the Snyk Labs journey to:

  • Get exclusive updates on the development of future security solutions being incubated by Snyk Labs. 

  • Be the first to know about our latest research findings and security insights for AI-native applications.

  • Apply to co-build an incubation if you’d like to partner with Snyk Labs.

Get Snyk Labs Updates