Add AgentShield — security scanner for AI agent skills & MCP servers

[elliotllliu]

Adds AgentShield to the Security/SAST section.

AgentShield is an open-source security scanner purpose-built for the AI agent ecosystem:

• 31 detection rules covering prompt injection, data exfiltration, backdoors, tool poisoning, and cross-file attack chains
• MCP runtime proxy for real-time interception
• Python AST taint tracking (not regex-based)
• Multi-language prompt injection detection (8 languages)
• MIT license, actively maintained

📦 npm: https://www.npmjs.com/package/@elliotllliu/agent-shield
🔗 GitHub: https://github.com/elliotllliu/agent-shield

[mre]

Thanks Elliot. AgentShield doesn't quite meet our requirements yet -- the repo was created in March 2026 (under the 3-month age minimum) and has 10 stars (we require at least 20). Both of these would need to be met before we can include it.

We'll keep this open for now.

[mre]

Contributing criteria check

[FAIL] AgentShield

Source: https://github.com/elliotllliu/agent-shield

Criterion	Result
Stars (min 20)	fail 11 stars (minimum is 20)
Contributors (min 2)	fail 1 contributor(s) (minimum is 2)
Age (min 3 months)	fail created 10 days ago, needs 80 more days to meet the 3-month minimum

---

One or more tools do not meet the contributing criteria yet. We will keep this PR open. Feel free to update it once the thresholds are met.