Scan Your AI Agent in Seconds

Security scanner for AI agent GitHub repos.

No transaction required

Built for AI agents & Web3

Trusted by developers building the next generation of intelligent, decentralized software.

How ScanMyBot works

Three steps. Thirty seconds. Complete security report.

Paste your repo URL

Enter any public GitHub repository URL. We support any language, framework, or stack.

Run the scan

ScanMyBot fetches your code and runs 30+ security checks across 5 categories in real time.

Get your health report

Receive a 0-10 health score, prioritized issues, severity ratings, and actionable fix recommendations.

Comprehensive security checks

From secrets to smart contracts — everything your AI agent and Web3 project needs.

Hardcoded Secrets

AWS keys, OpenAI tokens, Ethereum private keys, committed .env files

Dependency Audit

Vulnerable packages, outdated versions, known CVEs in your stack

Config Analysis

.gitignore validation, environment variable checks, deployment settings

Prompt Injection

Input sanitization, template usage, delimiter separation, system prompt protection

Insecure Output

eval() detection, SQL parameterization, XSS prevention, command injection checks

Model DoS Protection

Input length limits, rate limiting, request timeouts, token usage monitoring

Smart Contract Security

Reentrancy protection, access control, unchecked calls, integer overflow

Wallet Security

No hardcoded keys, limited approvals, transaction simulation, slippage protection

DeFi Risk Analysis

Oracle manipulation, flash loan protection, MEV risks, transaction deadlines

Explore our scanning capabilities

Deep analysis across every category — from secrets to smart contracts.

Secrets Detection

AWS keys, API tokens, private keys, committed .env files. Smart filtering eliminates false positives.

Dependency Security

Vulnerable packages, outdated versions, known CVEs. Checks package.json across your entire repo tree.

AI Agent Safety

Full OWASP LLM Top 10 coverage: prompt injection, insecure output, training data poisoning, excessive agency, and more.

Blockchain Security

Smart contract reentrancy, unlimited token approvals, oracle manipulation, flash loan protection, MEV risk analysis.

Frequently asked questions

Everything you need to know about ScanMyBot.

Secure your AI agent today

Paste a GitHub URL, get a full security report in seconds. No signup required.