v1.0.0 is Live

Security layer for autonomous coding.

Because your AI loves slopsquatting.

Read the Docs
$npm install --save-dev agentinel
100% Localzero cloud calls
Extensive DBlocal OSV threats
Ultra-low Latencyper scan
bash -- agentinel
$

Your AI confidently installed what?

blocked packagereact-router-v7-fake1 day old / 4 downloads

LLMs are incredible coders. They are also genuinely terrible at remembering exact npm package names. They will confidently tell Claude to install react-router-dom-v7-next-beta like they have used it a thousand times. They have not. Nobody has. The package was registered yesterday by someone who knew this moment was coming.

Agentinel sits between the AI and your terminal. Every install request is scanned against an extensive threat database and heuristic checks before a single byte hits disk. Locally. With ultra-low latency.

100%Local and Private
MassiveLocal Threat DB
Ultra-lowScan Latency

Features

Guarding your terminal is already too late.

Agentinel intercepts the AI before the damage is done.

AI Self-Correction Loop

The agent corrects itself.

Agentinel feeds a structured JSON block back into the AI context so it understands what was blocked and why, then self-corrects without human intervention.

// Feedback injected into agent context
{
"hook": "PreToolUse",
"agentinel": {
"blocked": true,
"reason": "slopsquatting_profile",
"suggestion": "Did you mean react-router-dom?"
}
}

Deep Tree Scanning

All 67 packages. Not just one.

npm install express brings in its full dependency tree. We scan every single one.

Slopsquatting Protection

Heuristics that catch ghosts.

Zero-day threats not in any DB yet? Heuristics like package age, downloads, and publisher drift help mitigate them before execution.

CI and CD Fallbacks

Scan any manifest. Anywhere.

Gate your deployments before malicious packages slip past code review. Works in GitHub Actions, GitLab CI, or any pipeline.

CI Pipeline -- agentinel
$

How it Works

How Agentinel Works

Step 01

Intercept

Agentinel registers as a PreToolUse hook with your AI agent runtime. Every shell command the agent proposes passes through Agentinel first, before any execution.

01
02

Step 02

Scan

The full dependency tree is resolved locally and checked against an extensive database of known malicious packages. Heuristic checks fire simultaneously for slopsquatting detection.

Step 03

Block

If a threat is detected, Agentinel halts the install. In warn mode it alerts; in strict mode it stops cold. Never permanently blocks your terminal. Ultra-low latency.

03
04

Step 04

Self-Correct

The block context is serialized as JSON and fed back into the AI agent's context window. The agent understands what was wrong and self-corrects autonomously.

Comparison

How does it compare?

Agentinel vs commercial and enterprise security alternatives.

FeatureAgentinelfreeCommercial Alternatives
Cost
Free, always
Paid tiers / per-seat
Privacy
100% local, zero cloud
Cloud-scanned by vendor
Agent Hooking
PreToolUse hook, native
Wrapper scripts only
AI Feedback Loop
JSON context injection
None (blocks silently)
Setup
npm install, one flag
Config files + auth
Threat Database
Extensive OSV DB
Proprietary / opaque
Feed Freshness
Synced from OSV feed
Real-time / variable
Detection Method
DB + heuristics
DB + ML (black-box)
License
MIT, open source
Proprietary

Where we honestly fall short, and how we compensate:

  • ~Feed Freshness: Our local OSV database lags 1-3 days behind the live feed. We compensate with zero-cost heuristics that catch slopsquatting and hallucinated packages the moment they appear, before they are even in any DB.
  • ~Detection Depth: We use DB matching plus heuristics rather than ML behavioral analysis. We compensate by being the only tool that integrates at the AI agent hook level, blocking threats before execution rather than scanning after the fact.

Comparison reflects general market characteristics as of 2026. Individual products may vary.

Ready to secure your workflow?

Secure your AI agents quickly and easily. For free. Always.

No account. No server. No configuration required. Just a single npm command to lock down your terminal.

$npm install --save-dev agentinel