Playground · Free · No signup

Scan your AI agent
in 60 seconds

Paste a public GitHub repo or agent endpoint URL. Nixer runs secrets, prompt injection, MCP probe, and fraud checks — then gives you a shareable report.

3 free scans/hour · Playground profile (secrets + prompt injection top-10 + MCP + auth-fuzz) · Full scans via CLI

What the playground scans

🗝️
Secrets
API keys, tokens, DB passwords in source code
⚠️
Prompt Injection
Top 10 live injection probes against your endpoint
🛰️
MCP Probe
Exposed MCP server endpoints, unauthenticated tool access
🔐
Auth Fuzzing
Unauthenticated route access, missing rate limits
Cloud Misconfig
Missing security headers, CORS issues, exposed stack info
📦
Model Supply-Chain
Pickle RCE, HuggingFace trust, ML package typosquats
Full scan runs all 6 modules with 300 probes and CI integration. Get the CLI →

See what a real report looks like

15 findings across a full agent stack — prompt injection, hardcoded secrets, exposed MCP tools, and more.

View sample report →
91
RISK
SCORE
CRITICAL