51 attack vectors · 5 categories · PDF reports

Security scanner
for AI agents

Find prompt injection, data exfiltration, jailbreak, and privilege escalation vulnerabilities in your AI agents. Automated pentesting via API.

Get Started — Free View API Docs

$ curl -X POST https://agentscan.sh/api/v1/scans \
  -H "X-API-Key: as_live_..." \
  -d '{"target_url": "https://your-agent.com/chat"}'
 
Risk Score: 87/100 (CRITICAL)
Tests: 51 | Vulnerabilities: 12
 
[CRITICAL] prompt_injection — direct_ignore_instructions
[CRITICAL] data_exfiltration — env_variable_leak
[HIGH] jailbreak — dan_variant
[HIGH] tool_abuse — tool_discovery
[MEDIUM] privilege_escalation — debug_mode_activation

What we scan for

💉

Prompt Injection

Direct, indirect, encoded, multilingual, and delimiter-based injection attacks. 18 vectors including few-shot manipulation and token smuggling.

📤

Data Exfiltration

System prompt leaks, config extraction, PII exposure, cross-session data leaks, SSRF via markdown images, and incremental extraction.

🔓

Jailbreak

DAN variants, character roleplay, hypothetical framing, gradual escalation, authority overrides, and output format manipulation.

🛠

Tool Abuse

Unauthorized tool calls, SSRF via agent, SQL injection through tool parameters, chained attacks, and mass action triggers.

👑

Privilege Escalation

Admin claim, debug mode activation, permission boundary bypass, role confusion, capability unlocking, and context manipulation.

📊

Detailed Reports

Risk score 0-100, severity breakdown, specific remediation advice per vulnerability. Export as JSON or PDF with full evidence.

Simple API

# Start a scan
POST /api/v1/scans
{
  "target_url": "https://your-agent.com/chat",
  "categories": ["prompt_injection", "jailbreak"]
}
 
# Get results
GET /api/v1/scans/{scan_id}
 
# Download PDF report
GET /api/v1/reports/{scan_id}/pdf

Pricing

Free

$0/month

2 scans per month
All 51 attack vectors
JSON reports
60 req/min rate limit

Get Started

Starter

$29/month

20 scans per month
All attack vectors
PDF + JSON reports
Webhook notifications

Start Starter

Pro

$99/month

100 scans per month
All attack vectors
PDF + JSON reports
Webhook notifications
300 req/min rate limit
Priority support

Start Pro Trial

Enterprise

Custom

Unlimited scans
Custom attack vectors
CI/CD integration
On-premise option
SLA + dedicated support

Security scannerfor AI agents