Security audit of nullpointexception-i/agent-sphere · MCP Server by nullpointexception-i · ★ 169
Yes — agent-sphere passed AgentSkillsHub's rule-based security scan with no dangerous patterns detected. As with any third-party skill, confirm what credentials it requests before production use.
What it is: This project is an AI Agent orchestration platform. It uses an LLM-driven decision engine, combined with capabilities (built-in tools, MCP protocol, CLI execution, browser operations, etc.), to achieve a basic closed loop from perception → planning → execution → feedback.
No dangerous patterns were detected: no credential exfiltration, no obfuscated downloads, no sandbox-escape attempts, no prompt-injection markers.
| Security grade | ✓ SAFE |
| Quality score | 65/100 |
| GitHub stars | 169 |
| Language | Java |
| License | MIT |
| Last updated |
This is AgentSkillsHub's free basic audit: an automated rule-based scan covering SlowMist's 11 red-flag categories (credential exfiltration, obfuscated payloads, sandbox escape, prompt injection, and more) across 117,000+ open-source AI agent skills and MCP servers, refreshed every 8 hours. A SAFE grade is a scan result, not a guarantee — deep 5-dimension audits (code · credentials · vendor · supply-chain · operational) are available for enterprise. Audited: 2026-07-03.