Free security scanner for AI agent stacks
Hundreds of detection rules. Any AI agent platform. Results in 30 seconds. No account required.
One command. Full attack surface map.
Run firmis scan and get a complete picture of your AI agent stack's exposure. firmis-cli reads your MCP configs, Claude tools, Cursor extensions, and more, mapping every known vulnerability, fixable finding, and unverified finding. No cloud, no signup, no agents running.
Everything you need to audit your stack
Built for developers who move fast and need security that keeps up.
Hundreds of Detection Rules
Credential theft, tool poisoning, data exfiltration, and 21 threat categories covered out of the box.
Any AI Platform
MCP Servers, Claude Code, Cursor, Gemini CLI, Codex, CrewAI, and more. One scanner, every platform.
30-Second Scans
Runs completely offline. Reads config files without touching running agents. No agent restart required.
Compliance Mapping
SOC 2, EU AI Act, GDPR, NIST AI RMF, and OWASP LLM Top 10 mappings included with every finding.
HTML Reports
Auto-generated report with every scan. Ready to share directly with security auditors and compliance teams.
Guided Remediation
Every finding includes a plain-English explanation of what is wrong and the exact steps to fix it.
Need more? Upgrade to Pro.
Deep scan with AI-verified exploitability. Auto-fix. Runtime monitoring. Starting at $49/mo.
Start scanning in 30 seconds
No account. No credit card. Open source.