Every MCP server, API key, and agent config on your machine — mapped visually in one scan. See what's exposed before it becomes a problem.
Free tier includes exposure graph, findings, and 3 Skill Shield analyses per month
Every AI agent you add brings API keys, MCP servers, and config files. Each one is another pathway for your secrets to move in ways you can't see.
The average developer runs 3–5 AI agents with MCP servers, secrets, and configs scattered across their machine. And it gets worse: config files from agents you uninstalled are still there, still holding your API keys, still readable by your other agents. Traditional security tools can't see any of it.
One scan maps every connection between your agents, secrets, and external services. Then keeps watching.
Every agent, secret, MCP server, and external service — mapped in an interactive graph with 7 distinct risk layers. See exactly where your data can flow.
Paste any MCP server or skill URL. RootShield analyzes its capabilities, detects red flags, and shows the blast radius on your actual workspace — before you install anything.
Uninstalled Cursor but didn't delete ~/.cursor/? RootShield finds orphaned config directories that still contain your API keys and are still readable by other agents.
Tracks how each agent's access patterns change over time. When an agent suddenly reaches more secrets or services than usual, RootShield flags the anomaly with severity scoring.
Real-time alerts when any agent config changes — new MCP server added, API key rotated, skill modified. Full source attribution so you know exactly what triggered it.
Every finding maps to OWASP MCP Top 10 and OWASP Agentic Top 10. Export CycloneDX AI Bill of Materials. Push alerts to your SIEM via webhook.
No agents to install, no SDKs, no account needed. Just a native macOS app.
Give RootShield read-only access to your agent config folders. It never writes to your files.
One click scans everything — agents, MCP servers, secrets, configs, and scheduled tasks. Takes 3 seconds.
Your exposure graph, posture score, and actionable findings. No data ever leaves your machine.
"I spent 6 years studying how security companies make the invisible visible. When AI agents started accumulating secrets on my own machine, I built what I wished existed — a way to see the full picture."
The free tier gives you real security insights. Pro unlocks everything.
No. RootShield is 100% offline. It reads your local config files and renders everything on your machine. Zero network calls, zero telemetry, zero data collection. The only optional network feature is an MCP Registry lookup for trust verification, which you can disable.
Claude Code, Claude Desktop, Cursor, Windsurf, Cline, OpenClaw, Gemini CLI, Ollama, LM Studio, Aider, Codex CLI, GitHub Copilot, and any MCP server across all these agents. The scanner is modular — new agents are added regularly as they emerge.
When you uninstall an AI agent (delete the .app), its config directory often stays behind — ~/.cursor/, ~/.openclaw/, etc. These orphaned configs still contain API keys, MCP server bindings, and skill manifests. RootShield detects these "ghost agents" and shows you exactly what they're still exposing.
MCP (Model Context Protocol) is the standard way AI agents connect to external tools and services. An MCP server is a plugin that gives your agent access to things like GitHub, databases, file systems, or Slack. RootShield scans every MCP server config on your machine and maps what each one can access.
Free gives you the Secrets layer, findings summaries, 3 Skill Shield analyses per month, and the Integrations tab. Pro unlocks all 7 risk layers, behavioral baselining, ghost agent detection, remediation guidance, OWASP compliance mapping, CycloneDX export, monitoring details, workspace drift tracking, and unlimited Skill Shield.
Yes. The Team tier ($39/seat/month) includes everything in Pro plus a team posture dashboard, shared compliance reports, webhook integration for your SIEM/SOAR, fleet metadata, and priority support. Email matt@rootshield.ai for volume pricing.