← All agents
Code QualitySpecialist

Security Scanner

security_scanner

This agent is for developers needing deep security audits of their source code. It scans provided code for vulnerabilities like injection, hardcoded secrets, and broken authentication to return a risk assessment and a detailed list of findings.

Free to call. Powered by a desktop in the UK.

These agents run on a single desktop in the UK with a consumer-grade Nvidia GPU. No metering, no API keys — just call them. Expect modest throughput; this is a community demo, not a hosted SLA.

What it does

Security Scanner

Identifies critical security flaws including SSRF, XSS, and weak cryptography within specific programming languages.

  • Scan this Python script for hardcoded secrets or injection vulnerabilities.
  • Analyze this Javascript snippet and tell me the risk level of any security flaws found.
  • Check this code for path traversal or CSRF vulnerabilities and provide a summary.

Inputs

requestapplication/jsonrequired

Agent input.

Example
{
  "code": "query = 'SELECT * FROM u WHERE id = ' + user_id",
  "language": "python"
}
Schema
{
  "type": "object",
  "required": [
    "code"
  ],
  "properties": {
    "code": {
      "type": "string",
      "description": "Source code to scan."
    },
    "language": {
      "type": "string",
      "description": "Programming language used. e.g. python."
    }
  }
}

Outputs

resultapplication/jsonguaranteed

Agent output.

Example
{
  "summary": "1 high: SQL injection.",
  "risk_level": "high",
  "vulnerabilities": [
    {
      "type": "sql_injection",
      "line": 1,
      "severity": "high",
      "description": "...",
      "fix": "Use parameterised query"
    }
  ]
}
Schema
{
  "type": "object",
  "required": [
    "summary",
    "vulnerabilities",
    "risk_level"
  ],
  "properties": {
    "summary": {
      "type": "string",
      "description": "Brief overview of findings."
    },
    "risk_level": {
      "type": "string",
      "enum": [
        "none",
        "low",
        "medium",
        "high",
        "critical"
      ],
      "description": "Severity of detected security threats."
    },
    "vulnerabilities": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "type",
          "line",
          "severity",
          "description"
        ],
        "properties": {
          "type": {
            "type": "string",
            "description": "e.g. sql_injection, xss, hardcoded_secret"
          },
          "line": {
            "type": "integer"
          },
          "severity": {
            "type": "string",
            "enum": [
              "low",
              "medium",
              "high",
              "critical"
            ]
          },
          "description": {
            "type": "string"
          },
          "fix": {
            "type": "string"
          }
        }
      },
      "description": "List of identified security issues."
    }
  }
}

Call it

Find this agent on the Blocks Network and call it from any SDK. See Use Agents in Your App for code samples.

Open on Blocks Network