agent-inspector

Run dynamic runtime analysis on captured AI agent sessions. Analyze token usage, tool calls, behavioral patterns, PII detection, and model pinning. Use when user asks for runtime analysis, dynamic testing, behavioral analysis, or wants to analyze captured agent sessions through the proxy.

Cross-reference static code findings with dynamic runtime observations. Identify VALIDATED (confirmed at runtime) vs UNEXERCISED (never triggered) issues. Use when user asks to correlate, cross-reference static and dynamic findings, or prioritize issues based on runtime evidence.

Debug AI agent workflows by exploring agents, sessions, and events. Investigate behavioral issues and unexpected patterns. Use when user asks to debug, explore sessions, investigate issues, or examine agent behavior at runtime.

Apply intelligent, contextual security fixes to AI agent vulnerabilities. Fix prompt injection, output handling, tool security, data leaks, memory issues, supply chain, and behavioral risks. Use when user says fix, asks to remediate a recommendation (REC-XXX), apply security patches, or resolve vulnerabilities.

Check production deployment readiness for AI agents. Verify all CRITICAL and HIGH severity issues are resolved. Use when user asks about deployment readiness, gate status, blocking issues, or whether their agent is ready for production.

Generate security compliance reports for AI agents including OWASP LLM Top 10 coverage and SOC2 mapping. Support security_assessment, executive_summary, and customer_dd report types. Use when user asks for security report, CISO report, compliance documentation, executive summary, or customer due diligence.

Run comprehensive static security analysis on AI agent code using OWASP LLM Top 10 framework. Analyze prompts, outputs, tools, data handling, memory, supply chain, and behavioral patterns. Use when user asks for security scan, vulnerability check, OWASP analysis, code review for security, or wants to check their AI agent for security issues.

Install, configure, and ensure Agent Inspector is running for AI agent security analysis. Handles installation, server startup, provider detection, MCP tools, and IDE connection. Use when user asks to install, setup, configure agent-inspector, ensure it's running, or when starting a new security analysis project.

Check dynamic analysis status and session availability for AI agent security testing. Report session counts, analysis history, and readiness. Use when user asks about status, session availability, analysis readiness, or when dynamic analysis was last run.