Show HN: Diplomat-agent scan Python MCP servers for unguarded tool calls
Category: security
Tags: ai-security, static-analysis, agent-governance
Score: 7.8/10 (Innovation: 7, Technical: 8, Documentation: 9, Utility: 7)
A static analysis tool that scans Python AI agent repositories to find tool calls with side effects (database writes, payments, email sending) that lack guardrails like validation, rate limits, or confirmation steps. It's interesting because it addresses a critical and overlooked security gap in LLM-driven agents, providing a practical way to discover and remediate unguarded functions before deployment.
Target audience: backend devs, devops, security engineers
Repository: https://github.com/Diplomat-ai/diplomat-agent · Python · Apache-2.0 · 7 stars