I ran a security scan on @inngest/agent-kit. Here's the report:
https://agentscores.xyz/report/%40inngest%2Fagent-kit
Score: 95/100. Clean posture, no critical findings.
Since agent-kit is an agent framework that works with MCP, the value here isn't flagging issues today. It's catching them before they reach users. When a dependency gets compromised or a new release introduces risk, the gate blocks the PR until someone reviews.
I built a GitHub Action for this. One YAML block:
- uses: Thezenmonster/mcp-verdict-action@v1
with:
api-key: ${{ secrets.AGENTSCORE_KEY }}
fail-on: blockI'll provision a repo-scoped API key for inngest/agent-kit and configure everything. Free 30-day pilot. 5 minutes on your side.
Can I send you the key and workflow file?
Setup guide: https://agentscores.xyz/policy-gate
Action: https://github.com/Thezenmonster/mcp-verdict-action
I ran a security scan on
@inngest/agent-kit. Here's the report:https://agentscores.xyz/report/%40inngest%2Fagent-kit
Score: 95/100. Clean posture, no critical findings.
Since agent-kit is an agent framework that works with MCP, the value here isn't flagging issues today. It's catching them before they reach users. When a dependency gets compromised or a new release introduces risk, the gate blocks the PR until someone reviews.
I built a GitHub Action for this. One YAML block:
I'll provision a repo-scoped API key for inngest/agent-kit and configure everything. Free 30-day pilot. 5 minutes on your side.
Can I send you the key and workflow file?
Setup guide: https://agentscores.xyz/policy-gate
Action: https://github.com/Thezenmonster/mcp-verdict-action