CapitalGuardAI-agent security licensesBuy

AI threat library

The risks CapitalGuard is built to detect.

Focused threat pages for founders, agencies, and teams deciding whether to buy an AI-agent exposure scan, generate policy files, or add monitoring after the first baseline.

Threat pages

8 concrete AI-agent risk paths.

Compare Licenses

Agent instruction risk

Prompt-Injection Paths

Hidden instructions in docs, issues, prompts, logs, and internal notes can influence coding agents when those files become task context.

HighGrowth and Pro
Read threat

Secret-risk pattern

Exposed Secret Context

AI tools do not need to print raw keys to create risk; file paths, variable names, logs, and configuration context can reveal how systems are wired.

CriticalStarter, Growth, and Pro
Read threat

Workspace boundary risk

Dangerous Agent-Readable Files

Some files should not be read, edited, summarized, or sent to external tools by autonomous coding agents.

HighStarter, Growth, and Pro
Read threat

CI and release risk

Unsafe Workflow Automation

Agents that can edit workflows, package scripts, deploy files, or release automation can turn small mistakes into production risk.

CriticalPro
Read threat

Integration risk

Agent Tool Bridge Risk

MCP servers, agent plugins, local bridges, and automation connectors can quietly expand what a coding agent can inspect or transmit.

HighGrowth and Pro
Read threat

Package supply-chain risk

Dependency Script Execution

Install scripts, postinstall hooks, and package-manager credentials can create dangerous paths when agents modify dependencies or run commands.

HighPro
Read threat

Operational exposure

Production Access Paths

Agents may reach production indirectly through deploy scripts, cloud configuration, kubeconfig files, service accounts, logs, and runbooks.

CriticalPro
Read threat

Data handling risk

Customer Data in Agent Context

Support exports, logs, database samples, transcripts, and screenshots can enter agent context during normal debugging work.

HighGrowth and Pro
Read threat