Show HN: OpenACA – security scanner for AI agent stacks (MCPs,skills,plugins)

Category: security

Tags: security-scanner, ai-agents, dependency-scanning

Score: 6.5/10 (Innovation: 7, Technical: 6, Documentation: 7, Utility: 6)

OpenACA is a security scanner that identifies vulnerabilities in AI agent stacks by resolving components like MCP servers, plugins, and skills into stable identities and matching them against advisories. It fills a gap where traditional dependency scanners cannot parse agent-specific configuration files, making it interesting for securing the emerging AI agent ecosystem.

Target audience: security engineers, ai engineers, devops

Repository: https://github.com/open-agent-security/openaca · Python · Apache-2.0

View on Hacker News