Title: Securing AI Agents: Why I Built a Pre-Execution Scanner for MCP & LangChain

the ecosystem around AI agents is exploding. Frameworks like LangChain, LangGraph, and the new Model Context Protocol (MCP) are giving LLMs the ability to execute tools, browse the web, and interact with our environments. But as a security-minded developer, looking at how agents use third-party tools terrified me. If an agent loads a third-party MCP server or community LangChain tool, the agent's reasoning engine will ingest whatever descriptions and capabilities that tool provides. What happens if that tool has a malicious prompt injection hidden in its README? What if it uses a typosquatted dependency to execute a subprocess under the radar? To solve this, I built Agentic Scanner, a pre-execution security tool that analyzes agentic skills before they are allowed to run. The Threat Model: Treating Tools as Hostile Before writing any code, I mapped out a formal STRIDE threat model for agentic environments. The core axiom I worked from is this: Any third-party skill package must be trea