MCP Catalogs

firmis-scanner

by Firmislabs · 0 · Score 36

Firmis is a security scanner that detects malicious behavior in Claude Skills, MCP Servers, and other AI agent platforms.

security, developer-tools, ai-llm

Forks: 0 · Open issues: 8 · Last commit: this month · Indexed: 2d ago

Overview

Firmis provides runtime security scanning for AI agents, protecting against credential harvesting, prompt injection, tool poisoning, and 18 other threat categories. It scans both code surfaces (what the agent's code actually does) and instruction surfaces (what SKILL.md and tool descriptions tell the agent to do). The tool can be used as a standalone scanner, integrated with Claude Desktop via MCP, or embedded in CI/CD pipelines with SARIF output.

Try asking AI

After installing, here are 5 things you can ask your AI assistant:

you: Scan MCP servers before integration to detect security vulnerabilities
you: Add security layer to Claude Desktop by scanning installed skills and tools
you: Integrate security scans into CI/CD pipelines for AI agent projects
you: Is it free?
you: What is tool poisoning?

When to choose this

Choose Firmis when you need security scanning for multiple AI agent platforms (MCP, Claude Skills, Codex plugins, etc.) and want deterministic rule-based analysis without requiring AI model inference.

When NOT to choose this

Don't choose Firmis if you need runtime monitoring of already-deployed agents (it focuses on pre-deployment scanning) or if you require AI-powered exploit analysis (which is a paid feature).

Tools this server exposes

3 tools extracted from the README
  • firmis_scan

    Scan AI agent projects for security threats

  • firmis_discover

    Discover supported platforms and configurations

  • firmis_report

    Generate security reports

Comparable tools

mcp-scan, injecagent, mcp-safetybench

Installation

  1. **Zero-install scan**:

```bash
npx firmis-cli scan
```

  2. **Global installation**:

```bash
npm install -g firmis-cli
firmis scan
```

Claude Desktop Integration

Add to your MCP configuration:

```json
{
  "mcpServers": {
    "firmis": {
      "command": "npx",
      "args": ["-y", "firmis-cli", "--mcp"]
    }
  }
}
```

This provides firmis_scan, firmis_discover, and firmis_report tools.

FAQ

Is it free?
Yes. The scanner is free, open-source (Apache-2.0), and requires no account. Run `npx firmis-cli scan` — unlimited scans, all rules, HTML + JSON + SARIF reports.
What is tool poisoning?
Tool poisoning is when an MCP server embeds hidden instructions in tool descriptions to hijack your AI agent. Research shows a 72.8% attack success rate. Firmis detects known poisoning patterns, hidden Unicode, description/behavior mismatches, and prompt override attempts.

Last updated · Auto-generated from public README + GitHub signals.