Tooling Wave 1 — Policy Linter, Risk Scanner, and Trace Analyzer


The first three interactive tools in the SecuRight Resources Hub are now available. Each tool runs entirely in the browser — no installation, no data leaving your machine, no account required. They are designed to give security engineers and platform teams immediate, actionable insight into their agentic AI configurations.

The tools

Agent Policy Linter

The Policy Linter validates your agent policy definitions against a comprehensive set of security rules covering permission scoping, tool access controls, and escalation boundaries. Paste in a policy configuration and the linter will flag overly broad permissions, missing deny rules, and privilege escalation paths that could allow an agent to exceed its intended scope. It outputs prioritized findings with specific remediation guidance for each issue.
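The three classes of finding named above can be checked mechanically. The following is an added example, not SecuRight's linter or its policy format: the policy shape (`agentRole`, `intendedTools`, `deny`, `roles`, `canAssume`), the rule names and the severities are all assumptions made for illustration.

```javascript
// Hypothetical policy shape, constructed for this example (not SecuRight's format).
const samplePolicy = {
  agentRole: "support",
  intendedTools: ["crm.read", "ticket.update"],
  deny: [],
  roles: {
    support: { allow: ["crm.*", "ticket.update"], canAssume: ["triage"] },
    triage: { allow: ["ticket.update"], canAssume: ["ops"] },
    ops: { allow: ["shell.exec"], canAssume: [] },
  },
};
const RANK = { high: 0, medium: 1, low: 2 };

function lintPolicy(policy) {
  const findings = [];
  const add = (rule, severity, detail, fix) => findings.push({ rule, severity, detail, fix });
  const roles = policy.roles || {};
  const intended = new Set(policy.intendedTools || []);

  // Rule 1: a wildcard grant is broader than an explicit tool list.
  for (const [name, role] of Object.entries(roles)) {
    for (const pattern of role.allow || []) {
      if (!pattern.includes("*")) continue;
      add("broad-permission", "medium", `role ${name} allows ${pattern}`,
        "replace the wildcard with the exact tools the role needs");
    }
  }
  // Rule 2: with no deny rules, nothing backstops an over-broad allow.
  if ((policy.deny || []).length === 0) {
    add("missing-deny", "low", "deny list is empty", "add explicit deny rules for sensitive tools");
  }
  // Rule 3: breadth-first walk of canAssume edges from the agent's role. A reachable
  // role that grants a tool outside intendedTools is a privilege escalation path.
  const seen = new Set([policy.agentRole]);
  const queue = [[policy.agentRole]];
  while (queue.length > 0) {
    const path = queue.shift();
    for (const next of (roles[path[path.length - 1]] || {}).canAssume || []) {
      if (seen.has(next)) continue; // visit each role once, so cycles terminate
      seen.add(next);
      const extra = ((roles[next] || {}).allow || []).filter((t) => !intended.has(t));
      if (extra.length > 0) {
        add("escalation-path", "high", `${[...path, next].join(" -> ")} grants ${extra.join(", ")}`,
          "remove the canAssume edge or narrow the target role");
      }
      queue.push([...path, next]);
    }
  }
  return findings.sort((a, b) => RANK[a.severity] - RANK[b.severity]); // highest severity first
}
console.log(lintPolicy(samplePolicy));
```

On the constructed sample, the two-hop path from `support` to `ops` is reported first, ahead of the wildcard grant and the empty deny list.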

Prompt Risk Scanner

The Risk Scanner analyzes system prompts and user-facing prompt templates for injection vulnerabilities, instruction leakage risks, and unsafe patterns. It checks for common weaknesses such as missing delimiters between trusted and untrusted content, overly permissive output instructions, and patterns that are susceptible to indirect injection via tool responses. Each finding includes a severity rating and a suggested rewrite.

Run Trace Analyzer

The Trace Analyzer takes a runtime execution trace from an agent run and identifies security-relevant events — unexpected tool invocations, permission boundary crossings, anomalous planning steps, and data flow patterns that suggest exfiltration or injection. It visualizes the agent's decision tree alongside its security annotations, making it straightforward to spot where an agent deviated from expected behavior during a specific execution.

Why browser-based tools

We chose a browser-first approach for a practical reason: security teams evaluating agentic AI controls should not need to install software, provision infrastructure, or route sensitive configurations through third-party APIs to get a baseline assessment. These tools process everything locally using client-side logic. Your policy files, prompts, and traces never leave your browser.

This also means the tools are accessible to anyone on the team — developers, security reviewers, compliance officers — without coordination overhead. Share a link and they are ready to use.

Tooling roadmap

This first wave addresses the three most immediate needs we hear from practitioners: validating policies before deployment, hardening prompts against injection, and debugging agent behavior after execution. Future tooling waves will extend this coverage across the full agent lifecycle.

Planned additions include a tool-call permission simulator for testing access control configurations against specific scenarios, a memory safety checker for evaluating context window and persistent memory handling, and an agent communication auditor for multi-agent deployments. We are also exploring exportable report formats so that tool outputs can feed directly into existing governance and compliance workflows.

Try the tools

If you encounter edge cases the tools do not handle well, or if you have suggestions for additional checks, let us know through the enquiry form.
