51 Detection Rules · OWASP Agentic Top 10

Independent Audit for AI Agents.

The signed third-party attestation enterprise procurement requires before an AI agent goes into production. We detect and attest. We never touch the agent. (Phase 1 delivered.)

ACL 2026 Workshop · Peer-Reviewed Evidence
Where Semgrep and Bandit see nothing.

  • 617 findings across 6 open-source agent projects
  • 269 critical-severity findings
  • 0 agent-specific findings from Semgrep / Bandit on the same codebases

Peer-reviewed research, ACL 2026 workshop. Traditional security tools (Semgrep, Bandit) detect zero agent-specific vulnerabilities on the same codebases.
Scan. Report. Certify.

01 — SCAN

One command scans your agent code. 51 deterministic detection rules covering prompt injection, insecure tool use, credential exposure, and every OWASP Agentic Top 10 category.

02 — REPORT

Branded PDF audit report with severity ratings, OWASP compliance matrix, code evidence, remediation roadmap, and executive summary.

03 — CERTIFY

Independent third-party security certification: the trust signal your enterprise customers require before deploying your agent in production.
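Added example, not Argus's scanner and not one of its 51 rules: a minimal deterministic AST-based check of the kind a scan step like this runs over agent source. It assumes tools are Python functions decorated with `@tool` (LangChain-style) and flags three patterns: a hard-coded secret assigned to a KEY/TOKEN/SECRET-named variable, and, inside a tool body, a tool parameter (i.e. model-controlled input) reaching `eval`/`exec` or a shell sink (`subprocess.*` with `shell=True`, `os.system`, `os.popen`). The rule identifiers and the sample module it scans are constructed for this example.

```python
"""Illustrative deterministic AST rules for Python agent tool code.
Added example; not Argus's code. Assumes @tool-decorated functions are the
agent's tools. SAMPLE below is constructed input, not real project code."""
import ast
import re
from dataclasses import dataclass

# Assumption: a variable name heuristic is enough to spot credential literals here.
SECRET_NAME = re.compile(r"api_?key|secret|token|password", re.I)
SHELL_FUNCS = {"os.system", "os.popen"}


@dataclass(frozen=True)
class Finding:
    rule_id: str
    line: int
    detail: str


def _is_tool(func: ast.FunctionDef) -> bool:
    """True if the function carries a @tool or @tool(...) decorator."""
    for deco in func.decorator_list:
        target = deco.func if isinstance(deco, ast.Call) else deco
        name = target.attr if isinstance(target, ast.Attribute) else getattr(target, "id", "")
        if name == "tool":
            return True
    return False


def _call_name(call: ast.Call) -> str:
    """Dotted callee name, e.g. 'subprocess.run' or 'eval'."""
    f = call.func
    if isinstance(f, ast.Attribute):
        return f"{ast.unparse(f.value)}.{f.attr}"
    return f.id if isinstance(f, ast.Name) else ""


def _names_in(node: ast.AST) -> set[str]:
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}


def _shell_true(call: ast.Call) -> bool:
    return any(k.arg == "shell" and isinstance(k.value, ast.Constant) and k.value.value is True
               for k in call.keywords)


def scan_source(src: str) -> list[Finding]:
    """Run the three rules over one Python module and return its findings."""
    tree = ast.parse(src)
    findings: list[Finding] = []

    # CRED-001: a credential-length string literal assigned to a secret-looking name.
    for node in ast.walk(tree):
        if (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)
                and isinstance(node.value.value, str) and len(node.value.value) >= 16):
            for tgt in node.targets:
                if isinstance(tgt, ast.Name) and SECRET_NAME.search(tgt.id):
                    findings.append(Finding("CRED-001", node.lineno, f"hard-coded secret in {tgt.id}"))

    # TOOL-001 / TOOL-002: only inside @tool functions, and only when one of the
    # tool's own parameters appears in the call to the dangerous sink.
    for func in ast.walk(tree):
        if not (isinstance(func, ast.FunctionDef) and _is_tool(func)):
            continue
        params = {a.arg for a in func.args.args}
        for call in ast.walk(func):
            if not isinstance(call, ast.Call):
                continue
            name = _call_name(call)
            if not (_names_in(call) & params):
                continue
            if name in {"eval", "exec"}:
                findings.append(Finding("TOOL-001", call.lineno, f"{func.name}: tool input reaches {name}()"))
            elif name in SHELL_FUNCS or (name.startswith("subprocess.") and _shell_true(call)):
                findings.append(Finding("TOOL-002", call.lineno, f"{func.name}: tool input reaches shell via {name}"))
    return findings


# Constructed sample module: two insecure tools, one safe tool, one non-tool helper.
SAMPLE = '''
import subprocess
from langchain.tools import tool

OPENAI_API_KEY = "sk-constructed-example-key-0123456789"

@tool
def run_shell(cmd: str) -> str:
    """Run whatever command the model asked for."""
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout

@tool
def calc(expr: str) -> str:
    return str(eval(expr))

@tool
def list_dir(path: str) -> str:
    return subprocess.run(["ls", "--", path], capture_output=True, text=True).stdout

def helper(x):
    return eval(x)
'''

if __name__ == "__main__":
    for f in scan_source(SAMPLE):
        print(f"{f.rule_id} line {f.line}: {f.detail}")
```

Against SAMPLE this reports CRED-001 on the key, TOOL-002 on `run_shell` and TOOL-001 on `calc`; `list_dir` passes an argv list without `shell=True` and `helper` is not a tool, so neither is flagged. The check is intraprocedural and name-based by design: it will miss a parameter that is first copied into a local or passed through another function, and a scanner meant for production use needs real dataflow tracking and framework-aware tool discovery (CrewAI, AutoGen and MCP each declare tools differently).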

About Argus Security

Argus Security, Inc.

Delaware C-Corp · Founded April 2026

Independent compliance audit body for AI agents. We provide deterministic static analysis, signed audit reports, and compliance certification — the procurement gate enterprises need before deploying agents in production.

Our audit methodology is grounded in original vulnerability research and responsible disclosure, and aligned with the OWASP Agentic Security Initiative Top 10.

Heady Zhang
Founder & CEO
SJTU → USC · Ex founding engineer building production agents
AI agent security · Built audit methodology adopted by publicly listed enterprise
Justin Yuan
Co-founder & CTO
SJTU → USC
Full-stack engineering · Platform architecture
Prof. Yue Zhao
Scientific Advisor
USC CS Assistant Professor · CMU PhD
PyOD author · 9.8K+ GitHub stars · 42M+ downloads
Personal capacity. USC does not endorse Argus.
Enterprise Traction

First Enterprise Customer Signed

HKEX-listed integrated healthcare group. Strict compliance requirements. Highly sensitive consumer health data.

Customer embedded Argus's 7-Dimension Audit Framework into their internal PRD as the project evaluation standard. (Phase 1 delivered.)

14-day audit delivery cycle · 51 deterministic detection rules
CREWAI: RCE patched (PR #5307) · AutoGen + AWS MCP in review
OPEN-SOURCE ENGINE: 180 GitHub stars · F1 = 0.84 reproducible from the public repo · 1,500+ tests gated in CI
AWS MCP: Validated SQL injection in AWS's official MCP repository. HackerOne triage complete, pending AWS review.
YC PORTFOLIO: Completed an independent Phase 1 security audit of a YC-backed agent-payments platform, surfacing a HIGH-severity finding that three industry-standard static analyzers missed.

Vulnerabilities filed with: CrewAI PR #5307 · Issues #5056, #5057
Additional frameworks assessed: AWS MCP · ByteDance · LangGraph · Pydantic AI · Coinbase x402 · DataStax Langflow
Sample: ARGUS AUDIT REPORT · MedAgent Pro · ARGUS-2026-0042 · 2026-04-11 · 22 pages · CONFIDENTIAL
Overall Security Rating: C (significant concerns identified)
2 Critical · 3 High · 4 Medium · 2 Low · 1 Informational

What You Get

A 22-page branded security audit report that your CISO, VP Engineering, or enterprise customer can trust.

  • Executive summary with A-F security rating
  • Detailed findings with code evidence and attack scenarios
  • OWASP Agentic Top 10 compliance matrix
  • Prioritized remediation roadmap
  • Methodology and severity definitions
Sample report for demonstration purposes. Actual client reports are confidential.

Secure Your Agents Today

Free scan for open-source projects. Enterprise audit with branded report and compliance mapping.

Enterprise audit packages available · Contact for scoping
Email: heady@argus-security.dev
GitHub: agent-audit