Superagent

App

About

Superagent is an AI security agent built to protect open source and enterprise codebases, used by Firecrawl, Mastra, and Paperclip.
41 installs

Pricing

Superagent OSS plan available: full access to Superagent's security features for personal and org accounts.

Superagent protects open source projects from modern attacks

Superagent is an AI security agent built to protect open source and enterprise codebases from the class of attacks targeting them today. Teams like Firecrawl, Paperclip, and Mastra use Superagent for adversarial red teaming, PR security scanning, contributor trust scoring, CLA management, and offensive adversarial testing.

It helps teams detect malicious PRs, risky contributors, credential leaks, dependency attacks, and vulnerable code before it reaches production.

Unlike general code reviewers, Superagent runs an adversarial security loop. It continuously red teams your codebase, learns from real-world disclosures, and scans every PR against a living threat model.

Capabilities

  • Adversarial red teaming: Continuous security testing using real attacker techniques.
  • PR security scanning: Detects secrets, obfuscated payloads, dependency confusion, and injection risks.
  • Contributor trust scoring: Flags new, suspicious, or anomalous contributors based on GitHub activity and behavior.
  • CLA management: Collect and verify contributor license agreements per repository.
  • GitHub Check Runs: Results appear directly in PR checks and work with branch protection rules.
  • PR comments: Findings, trust scores, and recommendations are posted directly on pull requests.
  • Advisory triage: GHSA advisories and CVEs are mapped to your codebase automatically.

Why Superagent

Superagent thinks like an attacker, not just a reviewer. It combines offensive testing, PR scanning, contributor reputation, CLA management, and advisory triage into one GitHub-native workflow.

Security and privacy

  • No code stored: Code is processed in isolated sandboxes and discarded after review.
  • No AI training: Your code is never used to train models.
  • Zero config: Works out of the box, with optional repo-level configuration.

Setup

  1. Create an account at https://superagent.sh
  2. Install the GitHub app from the dashboard
  3. Open a pull request
  4. Review results in PR checks and comments

For existing PRs, comment @superagent review to trigger a scan.

Plans and pricing

Full access to Superagent's security features for personal and org accounts.
$0

Superagent is provided by a third party and is governed by a separate privacy policy and support contact.
