Q

QSAG-Core

Open-source security scanner purpose-built for AI agent systems and MCP deployments

PriceOpen SourceReviewed2026-04-11

Expert verdict

Ship

3-1
3 Ships1 Skips
Visit github.com

The Panel's Take

QSAG-Core is a Python security scanner specifically designed for the OWASP Top 10 for Agentic Applications 2026 threat model. It provides three core detection capabilities: MCP tool poisoning (26 malicious patterns across 7 categories), prompt injection (28+ attack patterns including goal hijacking, jailbreak attempts, and memory poisoning), and ghost agent detection for unauthorized API key usage. It runs as pure pattern matching — no ML, no cloud dependency — and can be integrated as a pre-execution guard in any Python-based agent pipeline. Released April 10, 2026 by the Neoxyber team, QSAG-Core fills a real operational gap as MCP-based agent deployments proliferate. While Microsoft's Agent Governance Toolkit addresses similar territory, it's heavyweight and enterprise-focused. QSAG-Core is a pip install and a few lines of code — the security-focused indie alternative that fits into a CI/CD pipeline or an existing agent framework without an enterprise contract. The threat model it addresses is timely. As MCP becomes the de facto standard for tool-calling in AI agents, malicious MCP servers and prompt injection via tool outputs are becoming documented attack vectors. Having a lightweight, open-source scanner that specifically targets these patterns is exactly what the community has been building toward. MIT licensed, 24 commits in its first day.

The reviews

I've been manually reviewing MCP tool schemas before deploying them — QSAG-Core automates that. 26 MCP poisoning patterns and 28 prompt injection patterns in a single pip install is a no-brainer to add to any agent pipeline's security layer.

Helpful?

Pattern matching is a starting point, not a solution. Sophisticated prompt injection and MCP poisoning attacks are designed specifically to evade signature-based detection. QSAG-Core will catch known-bad patterns, but a determined attacker will trivially bypass it. This is necessary but not sufficient security.

Helpful?

Every major software ecosystem eventually got linters, scanners, and static analysis tools. QSAG-Core is the beginning of that toolchain for AI agents. The OWASP Agentic AI threat model it implements will become the industry baseline. Early adopters of agent-specific security tooling will be ahead of the curve when regulations arrive.

Helpful?

Non-technical teams building AI-powered tools with MCP have no idea what tool poisoning even is. QSAG-Core gives developers a way to add a meaningful security layer that they can explain to stakeholders without a security engineering background.

Helpful?

Share this verdict

QSAG-Core verdict: SHIP 🚀

3 ships · 1 skip from the expert panel

Full review: https://shiporskip.io/tool/qsag-core-mcp-tool-poisoning-prompt-injection-agent-security-scanner-2026?utm_source=share_card&utm_medium=social&utm_campaign=verdict_share&utm_content=x_share

Weekly AI Tool Verdicts

Get the next verdict in your inbox

7 critics review a new AI tool every day. Weekly digest — free.

Looking for QSAG-Core alternatives?

Compare QSAG-Core with every other Security tool reviewed by our panel.

See all Security alternatives

Embed this verdict

Tool makers can add a live ShipOrSkip badge to their site. Badge loads track impressions; clicks route back to this review.

Ship · 7.5/10
HTML badge
<a href="https://shiporskip.io/api/badge-click/qsag-core-mcp-tool-poisoning-prompt-injection-agent-security-scanner-2026" target="_blank" rel="noopener"><img src="https://shiporskip.io/api/badge/qsag-core-mcp-tool-poisoning-prompt-injection-agent-security-scanner-2026" alt="QSAG-Core Ship verdict on ShipOrSkip" width="360" height="90" /></a>
Markdown badge
[![QSAG-Core Ship verdict on ShipOrSkip](https://shiporskip.io/api/badge/qsag-core-mcp-tool-poisoning-prompt-injection-agent-security-scanner-2026)](https://shiporskip.io/api/badge-click/qsag-core-mcp-tool-poisoning-prompt-injection-agent-security-scanner-2026)
Iframe widget
<iframe src="https://shiporskip.io/embed/qsag-core-mcp-tool-poisoning-prompt-injection-agent-security-scanner-2026" title="QSAG-Core ShipOrSkip verdict" width="360" height="260" style="border:0;border-radius:16px;max-width:100%;" loading="lazy"></iframe>

Bookmarks

Loading bookmarks...

No bookmarks yet

Bookmark tools to save them for later