Free lite scanner + paid $7 repo safety bundle

Preflight your repo before giving AI coding agents tool access.

AI coding agents can read instructions, run package scripts, touch MCP/Cursor/Claude configs, and trip over secret-adjacent files. This starter pack gives you a cheap first pass before Claude Code, Cursor, Codex-style agents, or local automations start working.

New: Playwright MCP browser-agent preflight receipt proof

Using microsoft/playwright-mcp to let Claude Code, Cursor, Codex, or another agent drive a browser session? This buyer-specific receipt shows what to check before logged-in apps, localhost services, form submissions, package scripts, or secret-adjacent config enter scope. PLAYWRIGHT_MCP_BROWSER_AGENT_PROOF

Open the Playwright MCP browser-agent proof Get the reusable $7 workflow

New: Agent2Agent protocol workflow preflight proof

Using a2aproject/A2A or a similar coding-agent workflow? This buyer-specific receipt shows what to check before agent-to-agent connectors, package scripts, API tools, workflow files, and secret-adjacent config enter scope. A2A_AGENT_PROTOCOL_WORKFLOW_PROOF

Open the Agent2Agent protocol proof Get the reusable $7 workflow

30-second buy / skip decision

Run the free scan first. The paid pack is for the moment the scan creates real handoff work — not for fear-buying a blank repo.

Buy the $7 pack if the scan is Yellow/Red

Two or more risk buckets, package scripts, MCP/Cursor/Claude config, secret-adjacent files, or shell commands the agent might run. The bundle gives you the reusable report template, destructive-command hook, demo, and verifier instead of rebuilding them during the task.

Skip it for now if the scan is Green

Zero or one low-risk signal, no agent config, no risky install/deploy scripts, and no secret-adjacent files. Use the free lite scanner and normal code review discipline.

Check the buy/skip rule Buy the $7 starter pack

New: JetBrains Koog JVM/Kotlin agent preflight proof

Using JetBrains/koog-style Koog JVM/Kotlin agents? This buyer-specific receipt shows what to check before Gradle/Maven scripts, workflow permissions, API tools, deployment config, generated edits, or secret-adjacent env values enter scope. JETBRAINS_KOOG_JVM_AGENT_PROOF

Open the Koog preflight proof Get the reusable $7 workflow

New: Mistral Vibe coding-assistant preflight proof

Using mistralai/mistral-vibe or a Vibe-style terminal coding assistant? This buyer-specific receipt shows what to check before repo context, shell/package commands, workflow files, MCP/tool connectors, or secret-adjacent config enter scope.

Open the Mistral Vibe coding assistant proof Get the reusable $7 workflow

Free preview: run it in 60 seconds

New: CAMEL-AI multi-agent workflow preflight proof

Using camel-ai/camel or a similar agent framework? This buyer-specific receipt shows what to review before multi-agent role/task prompts, tool/API connectors, package scripts, generated repo edits, shell commands, and .env-adjacent values enter an agent run. CAMEL_AI_MULTI_AGENT_PROOF

Open the CAMEL-AI preflight proof Get the reusable $7 workflow

New: Google ADK Python agent preflight proof

Using google/adk-python or a Google ADK-style Python agent workflow? This buyer-specific receipt shows what to review before repo files, package scripts, tool/API connectors, deployment config, or secret-adjacent environment values enter the agent run. GOOGLE_ADK_PYTHON_AGENT_PROOF

Open the Google ADK preflight proof Get the $7 pack

New: FastMCP tool-server preflight proof

Using PrefectHQ/fastmcp or a FastMCP-style Python MCP server? This buyer-specific receipt shows what to review before MCP tools, package commands, API calls, env values, or shell access enter a Claude/Cursor/Codex agent session. FASTMCP_TOOL_SERVER_PROOF

Open the FastMCP preflight proof Get the reusable $7 workflow

New: Amazon Q Developer CLI preflight proof

Using aws/amazon-q-developer-cli or an Amazon Q-style terminal AI coding assistant? This buyer-specific receipt shows what to review before repo edits, shell commands, package/deploy scripts, or AWS credential-adjacent files enter scope. AMAZON_Q_DEVELOPER_CLI_PROOF

Open the Amazon Q preflight proof Get the reusable $7 workflow

New: Crush terminal coding-agent preflight proof

Using charmbracelet/crush or a Crush-style terminal coding agent? This buyer-specific receipt shows what to review before repo edits, package scripts, workflow files, shell commands, or secret-adjacent paths enter the task. CRUSH_TERMINAL_AGENT_PROOF

Open the Crush preflight proof Get the reusable $7 workflow

New: Cline VS Code autonomous-agent preflight proof

Using Cline in VS Code with workspace files, terminal commands, MCP/browser tools, package scripts, or secret-adjacent files? This buyer-specific receipt shows what to freeze before the agent run and when a Yellow/Red scan should trigger the reusable $7 workflow.

Open the Cline preflight proof Get the reusable $7 workflow

git clone https://github.com/el-zachariah/ai-agent-safety-starter-pack.git
cd ai-agent-safety-starter-pack
python3 agent_preflight_lite.py /path/to/repo

The lite scanner flags agent instruction files, MCP / Claude / Cursor / Cline / GitHub Copilot instruction config, workflow files, risky shell patterns, package scripts, and secret-adjacent filenames worth reviewing before a run.

New: Claude Code GitHub Action preflight proof

Using anthropics/claude-code-action in GitHub Actions? This buyer-specific receipt shows what to review before the workflow comments on PRs, edits files, runs package scripts, or receives secret-adjacent CI context. CLAUDE_CODE_ACTION_GITHUB_WORKFLOW_PROOF

Open the Claude Code Action preflight proof Get the reusable $7 workflow

New: Codebuff terminal-agent preflight proof

Using CodebuffAI/codebuff or a Codebuff-style terminal coding agent? This buyer-specific receipt shows what to review before repo edits, package scripts, workflow files, shell commands, or secret-adjacent paths enter the task. CODEBUFF_TERMINAL_AGENT_PROOF

Open the Codebuff preflight proof Get the reusable $7 workflow

New: Agno agent-framework preflight proof

Using agno-agi/agno or an Agno-style agent framework? This buyer-specific receipt shows what to review before repo files, package scripts, MCP/API connectors, vector/database config, or secret-adjacent environment values enter the agent run. AGNO_AGENT_FRAMEWORK_PROOF

Open the Agno preflight proof Get the reusable $7 workflow

New: Kilo Code agentic engineering preflight proof

Using Kilo-Org/kilocode or a similar VS Code agentic-engineering extension? This buyer-specific receipt shows what to review before workspace context, terminal commands, MCP/tool servers, package scripts, or secret-adjacent files enter scope. KILO_CODE_AGENTIC_ENGINEERING_PROOF

Open the Kilo Code preflight proof Get the reusable $7 workflow

New: Cloudflare Workers AI Agents preflight proof

Using cloudflare/agents, Workers AI, Durable Objects, or wrangler deploy flows? This buyer-specific receipt shows what to review before package scripts, .dev.vars, API-backed tools, shell commands, or deploy config enter an agent run.

Open the Cloudflare Agent preflight proof Get the reusable $7 workflow

New: Zed Agent Panel preflight proof

Using zed-industries/zed, Zed Agent Panel, or editor-native AI coding workflows? This buyer-specific receipt shows what to check before repo edits, package scripts, MCP connectors, shell commands, or secret-adjacent files enter scope.

Open the Zed preflight proof Get the reusable $7 workflow

New: BMAD agent workflow preflight proof

Using bmad-code-org/BMAD-METHOD or BMAD-style analyst/PM/architect/dev/QA agents? This buyer-specific receipt shows what to check before generated stories, package scripts, repo edits, or automation credentials enter an agent run.

Open the BMAD preflight proof Get the reusable $7 workflow

New: Bolt-style browser app-builder preflight proof

Using stackblitz-labs/bolt.diy, Bolt.new-style builders, or hosted browser AI app builders? This buyer-specific receipt shows what to review before generated package scripts, .env files, preview servers, or deploy config enter the agent run.

Open the Bolt-style preflight proof Get the reusable $7 workflow

Try the included risky sample

python3 agent_preflight_lite.py examples/sample-risky-repo

You should see five demo findings: an agent instruction file, a secret-adjacent file, package scripts, a curl-piped shell install, and a destructive delete command. That gives you a quick proof of what the scanner will surface in your own repo.

New: one-minute repo risk scorecard

The scorecard converts the free scan into a fast Green / Yellow / Red decision: run normally, add a handoff note, or stop and set guardrails before the agent gets shell access.

Green: 0–1 buckets
Run the agent with normal review discipline.
Yellow: 2–3 buckets
Write may-run / must-ask / must-not-touch rules first.
Red: 4+ buckets
Use the full preflight workflow and command guardrails before tool access.

Buyer trigger: if the scan lands Yellow or Red and the agent will run commands in a real repo, the $7 bundle saves the setup work of building the report template, hook, and verifier yourself.

Open the one-minute scorecard Buy the $7 starter pack

New: red-flag to action matrix

Not sure what to do after the scan flags `AGENTS.md`, MCP config, package scripts, secret-adjacent files, or risky shell patterns? Use the free matrix to turn findings into run / ask / avoid decisions before the agent gets shell access.

Open the red-flag matrix Buy the $7 starter pack

New: Claude Code slash-command bridge

Copy the free /agent-preflight command into a repo before a tool-enabled Claude Code session. It tells the agent to run the lite scanner, produce a Green / Yellow / Red decision, and write the run / ask / avoid handoff before shell commands begin.

Install the free slash command Buy the $7 starter pack

New: CrewAI multi-agent workflow preflight

Running a CrewAI-style crew with local tools, package scripts, .env values, or write-capable API calls? This buyer-specific receipt shows what to review before multiple agents inherit repo and token scope.

Open the CrewAI preflight proof Get the reusable $7 workflow

New: AutoGen multi-agent workflow preflight proof

Running AutoGen-style planner/executor agents with function calls, code execution, MCP/browser tools, package scripts, or API-backed actions? This buyer-specific receipt shows what to freeze before multiple agents inherit repo and token scope.

Open the AutoGen preflight proof Get the reusable $7 workflow

New: OpenAI Agents SDK workflow preflight proof

Running OpenAI Agents SDK workflows with handoffs, function tools, MCP/API connectors, package scripts, or environment-backed execution? This buyer-specific receipt shows what to review before agents inherit repo and credential scope.

Open the OpenAI Agents SDK preflight proof Get the reusable $7 workflow

New: GitHub Copilot coding agent preflight proof

Using GitHub Copilot coding agent with repository instructions, workflow secrets, issue/PR automation, or package scripts? This buyer-specific receipt shows what to freeze before Copilot gets a task and when the Yellow/Red scan should trigger the reusable $7 workflow.

Open the Copilot coding agent proof Get the reusable $7 workflow

New: PR-Agent review bot preflight proof

Using PR-Agent or another PR review bot with issue comments, workflow context, package scripts, or repository permissions? This buyer-specific receipt shows what to freeze before the bot gets trusted automation scope.

Open the PR-Agent review bot proof Get the reusable $7 workflow

New: smolagents tool-running agent preflight proof

Running Hugging Face smolagents, a CodeAgent, or a Python tool-calling workflow with repo files, package scripts, browser/API tools, or local environment scope? This buyer-specific receipt shows what to freeze before the agent gets tool access.

Open the smolagents preflight proof Get the reusable $7 workflow

New: Continuous Claude-style loop proof

Leaving a persistent Claude Code, MCP, or hook loop attached to a repo? This customer-specific example shows the 5-minute receipt to write before long-running state, shell commands, and tool access begin.

Open the Continuous Claude-style preflight Get the reusable $7 workflow

New: multi-harness agent marketplace preflight

Trying agents or plugins from a Claude Code, Codex CLI, Cursor, OpenCode, Copilot, or Gemini marketplace? This buyer-specific receipt shows what to check before a package inherits repo instructions, MCP/tool configs, and shell access.

Open the marketplace-agent preflight Get the reusable $7 workflow

New: marketplace PR reviewer preflight proof

Reviewing a third-party agent/plugin/skill marketplace PR before listing it? This proof gives maintainers a concrete 5-minute receipt for commands, package scripts, MCP/tool config, secret-adjacent files, and shell scope before downstream users install the submission.

Open the marketplace PR reviewer proof Get the reusable $7 workflow

New: runtime safety hook preflight

Evaluating a runtime safety wrapper or hook layer for Claude Code/Codex-style agents? Run this free preflight first so the safety layer inherits reviewed repo instructions, MCP/tool configs, package scripts, secret-adjacent files, and shell rules.

Open the runtime safety hook preflight Get the reusable $7 workflow

New: continuous-agent preflight example

Running a persistent Claude Code, MCP, or agent harness across sessions? Use the free 7-minute receipt example to decide what the agent may run, what it must ask about, and when the $7 workflow bundle saves setup time before long-running state inherits repo risk.

Open the continuous-agent example Buy the $7 starter pack

New: Claude Code hook/TDD preflight proof

Using Claude Code hooks, TDD guardrails, MCP routing, or a continuous agent loop? The free proof page shows a 6-minute preflight receipt for exactly what the agent may run, what it must ask about, and when the paid bundle saves repeated setup.

Open the hook preflight proof Buy the $7 starter pack

New: MCP config preflight receipt example

Adding a filesystem, GitHub, database, or internal-tools MCP server to Claude Code or Cursor? This customer-specific proof shows the Yellow handoff to write before the agent can read tokens, call tools, or run shell commands.

Open the MCP config receipt example Get the reusable $7 workflow

New: PR/issue preflight review comment

Need a visible receipt before an AI agent works on a pull request or issue? Paste the free review comment template with the scan decision, risk buckets, allowed commands, must-ask actions, and the exact Yellow/Red upgrade trigger.

Open the review comment template Buy the $7 starter pack

New: maintainer preflight receipt example

For GitHub maintainers, plugin directory curators, and small teams reviewing AI-agent PRs: this proof page shows the exact receipt to ask for before Claude Code, Codex, Cursor, or an MCP-backed agent gets shell access.

Open the maintainer receipt example Get the reusable $7 workflow

New: free agent handoff playbook

Turn the scan into a short operating note before Claude Code, Codex, Cursor, or an MCP-backed agent gets shell access. The playbook gives you a 10-minute scan → triage → run/avoid-list flow, plus copy-paste guardrail text for the agent task.

Read the free handoff playbook

Copy-paste prompt for the agent task

Need a faster handoff? Use the free prompt block to tell Claude Code, Codex, Cursor, or another coding agent what it may run, what it must ask about first, and when the $7 bundle saves setup time.

Open the copy-paste task prompt Get the full $7 workflow

Should you buy it? Use the 5-minute upgrade checklist

If the free scan finds agent configs, package hooks, risky shell patterns, or secret-adjacent files, use this checklist to decide whether the $7 bundle saves enough setup time to justify buying now.

Open the upgrade decision checklist Buy the $7 starter pack

New: Aider terminal pair-programming preflight

Using Aider or a similar terminal AI pair-programmer in a real checkout? This customer-specific proof shows the receipt to write before the assistant edits files, runs tests, or touches install/build scripts.

Open the Aider preflight receipt Get the reusable $7 workflow

New: SWE-agent autonomous patch preflight

Using SWE-agent or a similar issue-to-patch autonomous coding agent in a real checkout? This customer-specific proof shows the receipt to write before the agent edits files, runs tests, or touches package/workflow scripts.

Open the SWE-agent preflight receipt Get the reusable $7 workflow

New: Continue.dev IDE agent preflight proof

Using Continue.dev or a similar IDE coding agent with workspace context and terminal access? This customer-specific proof shows the 5-minute receipt before .continue/ configs, MCP/context providers, package scripts, and token boundaries are exposed.

Open the Continue.dev IDE agent preflight Get the reusable $7 workflow

New: Ruflo / Claude Flow-style swarm preflight proof

Running Ruflo or a Claude Flow-style multi-agent swarm with Claude Code, Codex, Hermes, MCP tools, shell commands, memory, or package scripts? This buyer-specific receipt shows what to freeze before the swarm fans out work.

Open the Ruflo swarm preflight receipt Get the reusable $7 workflow

New: Composio tool-integration agent preflight proof

Using Composio-style toolkits, MCP connectors, auth-backed actions, or sandboxed workbenches with an AI agent? This customer-specific receipt shows what to freeze before repo context, API tools, package scripts, or credential-adjacent files enter the run.

Open the Composio tool-agent preflight receipt Get the reusable $7 workflow

Use it right before an agent run

Free scan first, then upgrade only when it saves setup time

1. Run the free lite check

Use the public scanner to surface instruction files, agent configs, secret-adjacent filenames, package scripts, workflows, and risky shell patterns before a tool-enabled agent run.

2. If it flags work, use the $7 pack

The paid starter pack gives you the reusable preflight mini, destructive-command hook, report templates, buyer quickstart, and local verifier so you do not rebuild the safety workflow from scratch.

3. Keep the result with the repo

Drop the report into your handoff notes before assigning Claude Code, Codex, Cursor, or another AI coding agent to install, test, refactor, or deploy.

Who it helps

Developers and small teams letting AI agents work inside real repositories, especially unfamiliar repos with install, test, deploy, or automation scripts.

What the $7 bundle adds

Full repo preflight mini, destructive-command hook, buyer quickstart, demo risky repo/report, report templates, verification scripts, and limitations FAQ.

What it is not

Not a sandbox, malware scanner, secret scanner, or full security audit. It is a fast practical checklist before an agent gets tools.

Why buy the full starter pack?

Get the full $7 bundle View a sample report

Trust and support before buying

Public proof

The lite scanner, docs, examples, commit history, and issue tracker are public on GitHub before you pay.

Local-first bundle

The paid ZIP is designed to run locally; you do not send your private repo, secrets, or code to Signal Loom Works.

Support path

Use GitHub Issues for pre-sale questions or install friction. Do not post private code or secrets.

Read trust + support notes Buy the $7 starter pack

Claude Code marketplace proof

Curating Claude Code plugins or AI-agent tools? Read the concise proof page showing the exact user, checked signals, sample report, and why this free repo is a low-risk pre-tool-access utility.

Open the curator proof page Buy the $7 starter pack

Verify the public distribution trail before buying

New buyers do not have to trust a silent checkout page. The live proof page links open directory/marketplace PRs, free repo assets, support expectations, and the Payhip bundle so Claude Code and agent-tooling teams can confirm the seller is active.

Read the live distribution proof before choosing whether to buy the low-ticket starter pack.

Using Claude Code hooks like TDD Guard?

Run the free local preflight before enabling an enforcement hook, then keep the Green/Yellow/Red receipt with the first hook-enforced PR.

Read the TDD Guard preflight workflow

New: Agent Skills-compatible package

For teams using Agent Skills / n-skills-style workflows with Claude Code, Codex, Cursor, or MCP-backed agents, the free repo now ships a portable skills/agent-safety-preflight/SKILL.md package that turns repo preflight into an installable habit before command access.

Open the Agent Skills package Get the reusable $7 workflow

Customer proof examples

Codex CLI / PR-agent preflight proof

For teams using openai/codex-style AI coding agents, the new Codex preflight example shows how to paste a risk receipt into the task before the agent edits, tests, or opens a PR.

Read the Codex CLI preflight example or buy the $7 full pack when the scan is Yellow/Red.

Gemini CLI terminal-agent preflight proof

Using Google Gemini CLI or a similar terminal AI coding agent in a real checkout? This customer-specific proof shows the receipt to write before the agent edits files, runs tests, or touches package/workflow scripts.

Read the Gemini CLI preflight example or buy the $7 full pack when the scan is Yellow/Red.

  • Browser-use web-agent preflight proof — for browser automation agents before repo/API credentials or payment/admin surfaces; Yellow/Red scan → buy the $7 pack.
  • E2B code-interpreter agent preflight proof

    Using E2B-style sandboxes or code-interpreter agents against a real repository? This customer-specific proof shows what to check before the agent receives repo files, env vars, sandbox templates, package scripts, or API-backed execution scope.

    Read the E2B code-interpreter preflight example or buy the $7 full pack when the scan is Yellow or Red.

    OpenCode terminal-agent preflight proof

    Using OpenCode or a similar terminal coding agent in a real checkout? This customer-specific proof shows the receipt to write before the agent edits files, runs tests, or touches package/workflow scripts.

    Read the OpenCode preflight example or buy the $7 full pack when the scan is Yellow/Red.

    VS Code agent extension preflight proof

    For teams using Cline, Roo Code, or similar editor agents, the new VS Code agent extension proof shows how to paste a risk receipt into the agent chat before the extension edits files, touches MCP/tool configs, or runs terminal commands.

    Read the VS Code agent extension preflight example or buy the $7 full pack when the scan is Yellow/Red.

    Cursor rules / background-agent preflight proof

    Using Cursor with .cursorrules, .cursor/rules/*, background agents, or repo-level rule packs? This proof shows the receipt to write before Cursor inherits project instructions, MCP/tool config, package scripts, or broad edit/test scope.

    Read the Cursor rules preflight example or buy the $7 full pack when the scan is Yellow/Red.

    Goose / local AI-agent preflight proof

    For teams using Block Goose, MCP extensions, or shell-enabled local agents before granting repo, env, browser, or package-script scope.

    Read the Goose local-agent proof or buy the $7 pack when the scan is Yellow/Red.

    New: LangGraph stateful-agent preflight proof

    Running LangGraph-style stateful agents with tool calls, checkpoint stores, MCP/API connectors, package scripts, or deployment context? This buyer-specific proof shows the receipt to write before the graph agent gets repo and shell scope.

    Open the LangGraph preflight proof Get the reusable $7 workflow

    New: OpenHands task-branch preflight proof

    Using OpenHands-style autonomous software-engineering agents to open task branches, run shell commands, and change real repos? This buyer-specific proof shows the receipt to write before the agent gets repo and package-script scope.

    Open the OpenHands preflight proof Get the reusable $7 workflow

    New: Pydantic AI production-agent preflight proof

    Building typed Python agents with Pydantic AI, toolsets, MCP/API connectors, environment-backed models, or package scripts? This buyer-specific receipt shows what to freeze before a production agent run gets repo and credential scope.

    Open the Pydantic AI preflight proof Get the reusable $7 workflow

    New: Mastra TypeScript agent preflight proof

    Building Mastra-style TypeScript agents with tools, memory/storage config, package scripts, MCP/API connectors, or deployment secrets? This buyer-specific receipt shows what to freeze before the agent gets repo and shell scope.

    Open the Mastra preflight proof Get the reusable $7 workflow

    New: Dev Containers / Codespaces agent preflight proof

    Running Claude Code, Codex, Cursor, Copilot coding agent, or another AI coding agent inside a Dev Container or GitHub Codespaces workspace? This buyer-specific receipt shows what to review before .devcontainer/devcontainer.json, lifecycle commands, mounts, forwarded ports, package scripts, or repo write access enter the run.

    Open the Dev Container preflight proof Get the reusable $7 workflow

    MCP server maintainer proof

    MCP server maintainers can verify the free preflight path first, then buy the $5 pack only when MCP/tooling changes enter a yellow or red review zone.

    Read the MCP server maintainer proof

    New: Semantic Kernel agent framework preflight proof

    Building with Semantic Kernel agents, planners, plugins, memory connectors, or tool-calling workflows? This buyer-specific proof shows the receipt to write before the agent inherits repo context, package scripts, API connectors, or secret-adjacent config.

    Open the Semantic Kernel preflight proof Get the reusable $7 workflow

    Qwen Code CLI preflight proof

    For teams evaluating QwenLM/qwen-code / Qwen-style terminal coding agents before granting repo, shell, package-script, MCP/tool, or .env scope.

    Read the Qwen Code CLI proof · Buy the $7 checklist when the scan is Yellow/Red

    Cline users: make the agent feel safe before checkout

    Buy trigger: use the paid starter pack when Cline will touch CI, deployment, package-manager, MCP, or multi-file refactor paths.

    Roo Code agent-team preflight proof

    For teams using Roo Code as an in-editor agent team before granting auto-approval, terminal commands, MCP/tools, package scripts, deployment config, or credential-adjacent repo scope.

    Read the Roo Code preflight proof · Buy the $7 pack if your scan is Yellow/Red

    Installing a Claude Code plugin marketplace?

    Before adding commands, hooks, skills, or MCP/tooling to a real repo, run the free preflight receipt first. If the receipt needs to become a team handoff, use the paid starter pack.

    Read the plugin marketplace install proof

    Named proof: n8n AI workflow automation

    For teams using n8n, workflow credentials, webhooks, custom code nodes, or low-code AI workflows before granting an agent repo/API/package-script scope.

    Buy the $7 pack when the preflight is Yellow/Red because the workflow touches credentials, webhooks, MCP/API tools, repo files, or deployment paths. Skip it when the workflow has no real credentials or repo access.

    Read the n8n workflow preflight proof · Buy the $7 starter pack

    OpenAI Agents SDK tool-agent preflight proof

    For teams connecting OpenAI Agents SDK tool calls, MCP servers, package scripts, or API-backed actions before granting repo scope.

    Read the OpenAI Agents SDK preflight proof · Buy the $7 remediation pack if your scan is Yellow/Red

    Vercel AI SDK tool-calling agent preflight proof

    For TypeScript/Next.js teams using Vercel AI SDK agents, tool calls, route handlers, server actions, package scripts, MCP/API connectors, or preview/deploy settings before granting repo scope.

    Read the Vercel AI SDK preflight proof · Buy the $7 remediation pack if your scan is Yellow/Red

    Open Interpreter local code-agent proof

    For teams letting a local interpreter read repositories, run shell/Python/package commands, or work near .env/API/browser scope before a repo preflight receipt exists.

    Read the Open Interpreter preflight proof · Buy the $7 remediation pack if your scan is Yellow/Red

    Skills-curated marketplace reviewer preflight proof

    For high-trust Claude Code plugin and skill marketplace reviewers, the free scanner now flags .claude-plugin/ files before install and uses Yellow/Red results as the honest upgrade trigger.

    Read the skills-curated marketplace proof or buy the full $7 bundle at Payhip.

    Agent observability and eval pipeline preflight proof

    For Langfuse, Phoenix, and agent eval teams: add a repo-scope preflight receipt before traced AI coding agents receive write, shell, package-script, MCP, browser, or API backed access.

    Read the observability and eval proof or buy the $7 pack when the free receipt is Yellow or Red.

    New: HumanLayer-style agent approval preflight proof

    Using HumanLayer or another human-in-the-loop approval gate for Claude Code, Codex, OpenCode, or coding-agent actions? This proof shows the receipt to attach before approving shell commands, package scripts, MCP/API calls, or repo edits.

    Open the HumanLayer approval preflight proof Get the reusable $7 workflow

    New: Agent Client Protocol agent preflight proof

    Testing agentclientprotocol/agent-client-protocol or another ACP-compatible editor agent? This buyer-specific receipt shows what to freeze before the client hands repo context, package scripts, MCP/editor config, or shell scope to the coding agent.

    Open the ACP agent preflight proof Get the reusable $7 workflow

    Buyer proof: OpenHands autonomous SWE agents

    For teams letting OpenHands clone, edit, run shell/package scripts, browse, or use API-backed tools inside real repos, run the free preflight first, then buy the $7 pack only when the result is Yellow/Red and a reusable approval receipt is needed.

    Read the OpenHands autonomous SWE agents preflight proof · Buy the $7 pack

    Preflight before Aider local AI pair-programming

    Aider local AI pair-programming teams now have a copy-paste preflight receipt before local AI pair-programming touches package scripts, tests, CI, or secret-adjacent files.

    Read the Aider preflight proof. If the free scan is Yellow/Red, buy the $7 pack before the next run: AI Agent Safety Starter Pack.

    AIDER_LOCAL_AI_PAIR_PROGRAMMING_PROOF

    Plandex AI coding-agent preflight proof

    For teams using plandex-ai/plandex-style planning/editing agents before repo writes, shell commands, package scripts, MCP/tool config, or secret-adjacent files enter scope.

    Buy trigger: Green means skip it; Yellow/Red means buy the $7 AI Agent Safety Starter Pack when you need repeatable hooks, reviewer prompts, and receipts before the agent runs.

    Read the Plandex proof · Get the $7 pack

    OpenAI Codex CLI preflight proof

    For teams using openai/codex-style coding agents before repo writes, shell commands, package scripts, MCP/tool config, or secret-adjacent files enter scope.

    Buy trigger: Green means skip it; Yellow/Red means buy the $7 AI Agent Safety Starter Pack when you need repeatable hooks, reviewer prompts, and receipts before the agent runs.

    Read the OpenAI Codex CLI proof · Get the $7 pack

    Haystack agent workflow preflight proof

    For teams using deepset-ai/haystack or Haystack-style agent/RAG workflows before repo context, tool functions, package scripts, workflow files, API connectors, or secret-adjacent paths enter scope.

    Buy trigger: Green means skip; Yellow/Red means buy the $7 starter pack when the team needs repeatable hooks, reviewer prompts, and handoff receipts.

    Read the Haystack proof · Get the $7 pack

    LangGraph graph-agent workflow preflight proof

    For teams using langchain-ai/langgraph or langgraph graph-agent workflows before repository context, tool calls, memory/state, generated commands, package scripts, workflow files, API connectors, or secret-adjacent paths enter scope.

    Buy trigger: Green means skip; Yellow/Red means buy the $7 starter pack when the team needs repeatable hooks, reviewer prompts, and handoff receipts.

    Read the LangGraph graph-agent workflow proof · Get the $7 pack

    Model Context Protocol server preflight proof

    For teams using modelcontextprotocol/servers or MCP-style server/tool workflows before agent clients receive repository context, filesystem access, browser/API tools, package scripts, workflow edits, credentialed connectors, or secret-adjacent config.

    Buy trigger: Green means skip; Yellow/Red means buy the $7 starter pack when the team needs repeatable hooks, reviewer prompts, and handoff receipts.

    Read the MCP proof · Get the $7 pack

    LangChain tool-agent preflight proof

    For teams using langchain-ai/langchain or LangChain-style tool/retriever/function-calling agents before repo context, generated commands, package scripts, workflow files, callbacks, MCP/API connectors, or secret-adjacent config enter scope.

    Buy trigger: Green means skip; Yellow/Red means buy the $7 starter pack when the team needs repeatable hooks, reviewer prompts, and handoff receipts.

    Read the LangChain proof · Get the $7 pack

    Microsoft AutoGen multi-agent preflight proof

    For teams about to let Microsoft AutoGen or similar agent workflows read repo context, call tools, run package scripts, or touch secret-adjacent config before a human has a receipt.

    Open the Microsoft AutoGen proof · Buy the $7 checklist/templates if your scan is Yellow or Red

    Preflight before OpenHands autonomous software-agent runs

    Named proof for OpenHands/OpenHands teams before an autonomous agent receives repo context, shell commands, workflow/package files, or secret-adjacent config.

    Read the OpenHands preflight proof — Yellow/Red scans should use the $7 checklist bundle before the run.

    smolagents tool-calling agent workflows: preflight proof

    smolagents tool-calling preflight proof shows `huggingface/smolagents` users how to run the free Green / Yellow / Red scanner before `tools.py`, `managed agents`, `API/tool credentials` enter an agent task.

    Buy trigger: buy the $7 pack only when the free scan is Yellow/Red and you need the copy-paste hook, PR receipt, and handoff template today.

    VoltAgent agent workflow proof

    Running VoltAgent-style agent workflows? Use the free preflight receipt before write, shell, MCP/tool, browser, or credential-adjacent scope enters the run.

    Read the VoltAgent preflight proof. Buy the $7 pack only when the free receipt is Yellow/Red and you need repeatable hooks, prompts, and handoff templates.

    AutoGPT agent platform preflight proof

    For teams using Significant-Gravitas/AutoGPT or AutoGPT-style autonomous workflows before repository context, tool/API connectors, package scripts, browser/API actions, workflow files, or secret-adjacent config enter scope.

    Read the AutoGPT agent-platform proof · Buy the $7 starter pack when the receipt is Yellow/Red

    AUTOGPT_AGENT_PLATFORM_PROOF

    New: Claude Code GitHub Action preflight

    Using issue/PR-triggered Claude Code in GitHub Actions? This proof page shows the 5-minute receipt to write before the action inherits repo context, workflow permissions, package scripts, or secret-backed automation.

    Read the CI action preflight proof · Get the $7 full pack

    OpenHands-style autonomous agent proof

    Running an OpenHands / Devin-style coding agent against a real repo? Use the free preflight receipt before the agent starts, then buy the $7 pack only when the receipt is Yellow/Red or the first run has broad write scope.

    Read the OpenHands-style proof · Get the $7 full pack

    Curated Claude skill marketplace preflight proof

    For teams discovering skills through Trail of Bits Skills Curated, n-skills, or similar Claude Code plugin marketplaces: verify the target repo before a curated skill gets shell, MCP, package-script, or credential-adjacent context.

    Open the 60-second curated-skill receipt. If the scan is Yellow/Red, the $7 pack turns it into a repeatable workflow.

    LlamaIndex agent workflow proof

    For teams using LlamaIndex-style tools, retrieval workflows, MCP/API connectors, package scripts, or deployment context before an agent run. Run the free scan first; buy the $7 bundle only when the receipt is Yellow/Red and needs the reusable report template plus destructive-command hook.

    Read the LlamaIndex preflight receipt example

    Dify / Flowise low-code agent builder proof

    Dify / Flowise-style builders feel visual, but the danger is still repo, API, webhook, .env, database, tool, and deployment scope. The free proof shows when to run a preflight before connecting a low-code agent workflow to real systems.

    Read the low-code agent builder preflight proof · Buy the $7 pack if your scan is Yellow/Red

    Replit Agent workspace preflight proof

    For hosted workspace teams letting Replit Agent or a similar IDE agent edit files, run package scripts, read `.env`-adjacent config, or change deploy/run commands. Run the free scan first; buy the $7 bundle only when the receipt is Yellow/Red and the workflow needs reusable guardrails.

    Read the Replit Agent workspace preflight proof · Buy the $7 pack if `.replit`, secrets, or deploy commands make the scan Yellow/Red

    New: Agentic Radar security-scan preflight

    Evaluating Agentic Radar or another agentic-workflow security scanner before a coding agent touches package scripts, MCP/API connectors, browser tools, workflow secrets, or repo instructions? Use this free 60-second receipt first, then buy the $7 pack only when the result is Yellow/Red and repeatable handoff templates would save setup time.

    Open the Agentic Radar preflight proof Get the reusable $7 workflow

    Tabby self-hosted coding assistant preflight proof

    For teams using TabbyML/tabby or similar self-hosted coding assistants before indexing private repos, package scripts, CI workflows, or secret-adjacent files. Run the free receipt first; buy the $7 pack only when the scan is Yellow/Red and a reusable handoff/hook saves setup time.

    Open the Tabby preflight proof

    Continue AI code assistant preflight proof

    For Continue / continuedev/continue teams: run a local preflight before an AI code assistant reads repo context, suggests edits, or approaches package scripts, workflow files, tool config, or secret-adjacent paths.

    Read the Continue AI code assistant proof · Buy the $7 starter pack when the receipt is Yellow/Red

    Gemini CLI coding-agent preflight proof

    For Gemini CLI / google-gemini/gemini-cli teams: run a local preflight before a terminal AI agent reads repo context, edits files, executes shell/package commands, or touches workflow, tool, or secret-adjacent paths.

    Read the Gemini CLI proof · Buy the $7 starter pack when the receipt is Yellow/Red

    CrewAI multi-agent workflow preflight proof

    For CrewAI / crewAIInc/crewAI teams: run a local preflight before autonomous crews touch repo files, tools, API connectors, package scripts, workflows, or secret-adjacent paths.

    Read the CrewAI proof · Buy the $7 starter pack when the receipt is Yellow/Red