π Aurite Agent Verifier
May 26, 2026 Β· View on GitHub
π Aurite Agent Verifier
Catch security issues, enforce standards, and validate agent patterns β before code ships.
Works with Claude Code Β· Cursor Β· Windsurf Β· Roo Code Β· Codex Β· 30+ more
Why?
AI coding agents are powerful β but they skip linting, ignore security basics, and hallucinate tool calls. Code reviews catch some of this, but not consistently.
Agent Verifier is an AI agent skill that acts as an automated reviewer. It checks for:
- π Security gaps β hardcoded secrets, missing input validation, exposed stack traces
- π Dangerous agent patterns β infinite loops, unbounded retries, hallucinated tools
- π Code quality β naming, docs, error handling, magic values
- ππ¦πΉ Language-specific issues β Python type hints, TypeScript strict mode, Go error handling
Install it once. It runs every time you say "verify agent".
Author's Note
π‘ If Agent Verifier looks interesting to you β or saves you a prod bug β consider giving it a β. It's the only signal GitHub gives us that this is worth maintaining and adding more capabilities to this repo.
π€ Contributions and feature requests welcome β open an issue or PR any time.
What You Get
Run "verify agent" in your coding assistant (eg. Claude Code, Cursor or others) and get a structured report:
β
8 checks passed | β οΈ 3 warnings | β 2 issues
β Hardcoded API key at config.py:12
β Move to environment variable
β Hallucinated tool reference: execute_sql
β Tool referenced in prompts but not defined
β οΈ Unbounded loop at agent/loop.py:45
β Add MAX_ITERATIONS constant
β οΈ System prompt exceeds recommended size (6.2K tokens)
β Split into modular sections
All analysis runs locally. Your code never leaves your machine.
See full report format
# Verification Report
**Project:** my-project
**Date:** 2026-03-04
**Mode:** Standalone
**Files analyzed:** 12
**Agent type detected:** LangGraph
## Summary
β
8 checks passed | β οΈ 3 warnings | β 2 issues
### By Category
| Category | Pass | Warn | Issue |
|----------|------|------|-------|
| Code Quality | 5 | 1 | 0 |
| Security | 2 | 0 | 1 |
| Agent Patterns | 1 | 2 | 1 |
## Agent Pattern Analysis
### Loop Safety
- [x] All retry mechanisms have explicit limits
- [ ] β οΈ Potential unbounded loop at `agent/loop.py:45`
### Tool Consistency
- [x] Tool registry found: 5 tools defined
- [ ] β 1 hallucinated tool reference in prompts
### Context Management
- [ ] β οΈ System prompt exceeds recommended size (6.2K tokens)
- [x] Tool descriptions within limits
## Findings
### β
Passing
- Naming conventions: Consistent camelCase used throughout
- Error handling: All async functions have try/catch
### β οΈ Warnings
- Missing type hints: `utils.py:45`
- **Location:** `utils.py:45`
- **Suggestion:** Add type hints to `process_data()` function
### β Issues
- Hardcoded API key: `config.py:12`
- **Location:** `config.py:12`
- **Rule:** No secrets in source code
- **Fix:** Move to environment variable
## Recommendations
1. Move API keys to environment variables
2. Add type hints to public functions
## Agent-Specific Recommendations
1. **Loop Safety:** Add `MAX_ITERATIONS` constant to `agent/loop.py`
2. **Tool Registry:** Remove or implement `execute_sql` tool
3. **Context Management:** Split system prompt into modular sections
Quickstart
# Install (works with Claude Code, Roo Code, Cursor, and 30+ agents)
npx skills add aurite-ai/agent-verifier -a claude-code -a cursor -a <your-fav-coding-agent>
# Then in your agent folder just ask your coding assistant (eg. Claude Code, Cursor, or others):
verify agent
That's it. For more installation options, see Installation.
Learn More
New to Agent Verifier? These guides walk you through everything:
- Getting Started β Install and run your first verification in 5 minutes
- Tutorials β Step-by-step guides:
- Installation β Detailed installation options
- First Verification β Run your first verification
- Understanding Reports β Interpret and prioritize findings
- Focused Checks β Use individual verification skills
The rest of this README serves as a technical reference.
Contributions
We welcome contributions of all kinds! Here's how you can help:
- π Found a bug? Open an issue
- π‘ Want a new check? Open a feature request
- π§ Want to contribute code? Open a PR
Table of Contents
- Why?
- What You Get
- Quickstart
- Architecture
- Available Skills
- Installation
- Updating Installed Skills
- Usage
- Features
- How It Compares
- Check Reliability
- Privacy
- Contributing
- Citation
- License
Architecture
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β verification β
β Full Suite Orchestrator β
β trigger: "verify agent" β
βββββββββββββ¬ββββββββββββ¬ββββββββββββ¬ββββββββββββ¬ββββββββββββββ
β β β β
βΌ βΌ βΌ βΌ
βββββββββββββ βββββββββββββ βββββββββββββ βββββββββββββ
β verify- β β verify- β β verify- β β verify- β
β security β β patterns β β quality β β language β
βββββββββββββ€ βββββββββββββ€ βββββββββββββ€ βββββββββββββ€
β β’ secrets β β β’ loops β β β’ naming β β β’ Python β
β β’ deps β β β’ retries β β β’ docs β β β’ TypeScriptβ
β β’ input β β β’ tools β β β’ errors β β β’ Go β
β β’ errors β β β’ context β β β’ magic β β β
βββββββββββββ βββββββββββββ βββββββββββββ βββββββββββββ
Each skill can run independently: "verify agent security", "verify agent patterns", etc.
Available Skills
| Skill | Purpose |
|---|---|
verification | Full verification suite (orchestrator) β runs all checks below |
verify-security | Security checks (secrets, input validation, dependencies) |
verify-patterns | Agent patterns (loops, retries, tools, context) |
verify-quality | Code quality (naming, organization, docs) |
verify-language | Language-specific checks (Python, TypeScript, Go) |
Installation
Recommended
# Install all skills to all detected agents (Claude Code, Roo Code, Cursor, etc.)
npx skills add aurite-ai/agent-verifier -a claude-code -a <your-fav-coding-agent>
More install options (specific agents, skills, or version)
# List available skills in this package
npx skills add aurite-ai/agent-verifier --list
# Install to specific agents (multi select allowed)
npx skills add aurite-ai/agent-verifier -a claude-code -a roo
# Install specific skills only
npx skills add aurite-ai/agent-verifier --skill verification verify-security
# Install globally (available in all projects)
npx skills add aurite-ai/agent-verifier -g
Install from GitHub repository
Install directly from a GitHub repo (public or private with access):
# List available skills
npx skills add github:aurite-ai/agent-verifier --list
# Install to specific agents (multi select allowed)
npx skills add github:aurite-ai/agent-verifier -a claude-code -a roo
# Install all skills from public GitHub repo
npx skills add github:aurite-ai/agent-verifier --all
# Install specific skills only
npx skills add github:aurite-ai/agent-verifier --skill verification verify-security
# From a specific branch
npx skills add github:aurite-ai/agent-verifier#main --all
# From a specific tag/release
npx skills add github:aurite-ai/agent-verifier#v1.0.0 --all
# From private repo (requires GitHub authentication)
npx skills add github:your-org/your-private-skill --all
Install from local source
Install from a local directory during development:
# List available skills in local repo
npx skills add ./path/to/agent-verifier --list
# Install to specific agents (multi select allowed)
npx skills add ./path/to/agent-verifier -a claude-code -a roo
# Install all skills from local path
npx skills add ./path/to/agent-verifier --all
# Install specific skills only
npx skills add ./path/to/agent-verifier --skill verification verify-patterns
# Install with link (for development - changes reflect immediately)
npx skills link .
Manual installation
For agents that don't support the skills CLI, copy the skill files directly:
# For Roo Code (copy all skills)
cp -r skills/* ~/.roo/skills/
# For Claude Code (copy all skills)
cp -r skills/* ~/.claude/skills/
# For other agents, check their documentation for the skills directory location
Updating Installed Skills
From NPM Registry
Re-run the install command to get the latest published version:
# Update all skills to latest version
npx skills add aurite-ai/agent-verifier --all
More update options
# Install to specific agents (multi select allowed)
npx skills add aurite-ai/agent-verifier -a claude-code
# Update specific skills only
npx skills add aurite-ai/agent-verifier --skill verification verify-security -a claude-code
# Or specify a version
npx skills add aurite-ai/agent-verifier@1.2.0 -a claude-code
Update from GitHub repository
Re-run with the same source to pull latest changes:
# Update all skills from default branch
npx skills add github:aurite-ai/agent-verifier --all -a claude-code
# Update from specific branch
npx skills add github:aurite-ai/agent-verifier#main --all -a claude-code
# Update to specific tag/release
npx skills add github:aurite-ai/agent-verifier#v1.2.0 -a claude-code
Update from local source or manual update
Symlink install: If installed with npx skills link ., changes reflect automatically. No action needed.
Check if you're using symlink:
# Check the skills-lock.json in your project
cat skills-lock.json # Look for "method": "symlink"
# Or check the installed skill directly
ls -la .agents/skills/verification # Should show -> pointing to source
Copy install: Re-run the install command to update:
# Reinstall from source
npx skills add /path/to/agent-verifier -a claude-code
# Or force reinstall
npx skills add /path/to/agent-verifier -a claude-code --force
Remove and reinstall:
# Remove each skill by skill name
npx skills remove verification
# Reinstall from any source
npx skills add aurite-ai/agent-verifier -a claude-code
Manual update:
# Copy updated files directly
cp -r /path/to/agent-verifier/skills/verification ~/.claude/skills/
Usage
Once installed, trigger verification by asking your coding agent:
Full Verification Suite
"verify agent"
This runs the complete verification suite covering security, agent patterns, code quality, and language-specific checks. Use this for comprehensive audits or pre-release reviews.
Focused Verification
For faster, targeted checks, use domain-specific invocations:
| Command | What it checks |
|---|---|
"verify agent security" | Secrets, input validation, error exposure, dependency vulnerabilities |
"verify agent patterns" | Loop safety, retry limits, tool registry, context size, LangGraph cycles |
"verify agent quality" | Naming, organization, documentation, magic values, error handling |
"verify agent language" | Python type hints, TypeScript strict mode, Go error handling |
Legacy Triggers (Still Supported)
These phrases also trigger the full verification suite:
- "review this implementation"
- "check compliance"
- "audit my agent"
- "validate against best practices"
Features
Dual-Mode Operation
Standalone Mode (default):
- Automatically detects project language and framework
- Applies built-in best practices for code quality and security
- Honors existing lint configs (ESLint, Biome, etc.)
Kahuna-Enhanced Mode (when Kahuna is installed):
- Loads organization-specific rules from knowledge base
- Uses
kahuna_askfor deeper context queries - Applies framework patterns surfaced by
kahuna_prepare_context
Verification Checks
The skill performs comprehensive verification across multiple categories:
1. Code Quality
| Check | Description | Severity |
|---|---|---|
| Naming conventions | Clear, descriptive, consistent naming | β οΈ Warning |
| Code organization | Appropriate structure and modularity | β οΈ Warning |
| Error handling | Proper try/catch, error propagation | β Issue |
| Magic values | No unexplained numbers/strings | β οΈ Warning |
| Documentation | Comments for complex logic | β οΈ Warning |
2. Security
| Check | Description | Severity |
|---|---|---|
| Hardcoded secrets | No API keys, passwords in source | β Issue |
| Input validation | Validate external data | β Issue |
| Error exposure | No stack traces in production | β οΈ Warning |
| Secure defaults | Safe default configurations | β οΈ Warning |
| Dependency vulnerabilities | Known CVEs in dependencies | β Issue |
3. Language-Specific
Python:
| Check | Description |
|---|---|
| Type hints | Public functions should have type annotations |
| Docstrings | Modules, classes, functions should be documented |
| Requirements pinning | Dependencies should specify versions |
TypeScript/JavaScript:
| Check | Description |
|---|---|
| Type safety | Prefer strict mode, avoid any |
| Async handling | Proper error handling for promises |
| Dependency security | No outdated/vulnerable packages |
Go:
| Check | Description |
|---|---|
| Error handling | No ignored errors (_ = err) |
| Context propagation | Pass context through call chains |
4. AI Agent Patterns
Loop Safety:
| Pattern | Language | Severity |
|---|---|---|
while True: without break | Python | β οΈ Warning |
while (true) without break | TS/JS | β οΈ Warning |
for { } without break/return | Go | β οΈ Warning |
| Recursive calls without depth limit | All | β οΈ Warning |
Retry Limits:
| Pattern | Required Parameter | Severity |
|---|---|---|
@retry (tenacity) | stop=stop_after_attempt(n) | β Issue |
@backoff.on_exception | max_tries=n | β Issue |
retry (async-retry) | retries: n | β Issue |
p-retry | retries: n | β Issue |
Tool Registry:
| Check | Description | Severity |
|---|---|---|
| Hallucinated tools | Tool references not in registry | β Issue |
| Undocumented tools | Tools not listed in prompts | β οΈ Warning |
Context Management:
| Content Type | Warning | Issue |
|---|---|---|
| System prompt | > 4,000 tokens (~16KB) | > 8,000 tokens (~32KB) |
| Single tool description | > 500 tokens (~2KB) | > 1,000 tokens (~4KB) |
| Total tool descriptions | > 2,000 tokens (~8KB) | > 4,000 tokens (~16KB) |
Note: "System prompt" refers to your agent's prompt files (e.g.
prompts/system.md,prompts.py,system.md). Files inskills/directories are skill definitions loaded on demand, not static system prompts, and are excluded from this check.
5. Framework Detection
Automatically detects and applies framework-specific checks:
| Framework | Detection | Special Checks |
|---|---|---|
| LangGraph | langgraph in imports | State schema, node connectivity |
| CrewAI | crewai in imports | Agent roles, task dependencies |
| AutoGen | autogen in imports | Agent configuration |
| LangChain | langchain in imports | Chain composition, memory config |
| Custom | Direct SDK usage | General agent patterns |
Testing the Skill
Test fixtures are provided in tests/fixtures/ to validate the agent pattern detection:
# Navigate to a fixture directory and ask your agent to verify it
cd tests/fixtures/infinite_loop
# Then ask: "verify this code for agent patterns"
# Or verify all fixtures at once
cd tests/fixtures
# Then ask: "verify these test fixtures and report findings"
See tests/fixtures/README.md for expected results.
How It Compares
| Agent Verifier | ESLint/Biome | Semgrep | Manual Review | |
|---|---|---|---|---|
| AI agent patterns (loops, retries, tools) | β | β | β | Sometimes |
| Security checks | β | Partial | β | Sometimes |
| Language-specific quality | β | β | β | β |
| Works inside your AI agent | β | β | β | β |
| Zero config | β | β | β | N/A |
| Context-size analysis | β | β | β | Rarely |
| Runs locally / private | β | β | β | β |
Agent Verifier is not a replacement for linters β it catches what they cannot: agent-specific patterns, context management issues, and tool hallucinations.
Check Reliability
Because Agent Verifier runs as an AI agent skill rather than a deterministic parser, checks are classified into two tiers. Every finding in the report is tagged accordingly.
| Tier | Tag | How it's applied | Reliability |
|---|---|---|---|
| Pattern-matched | [P] | Mechanical β rule applied exactly as specified to code structure | High β same answer on every run |
| Heuristic | [H] | Judgment β requires interpretation of intent or quality | Best-effort β may vary |
Pattern-matched checks (reliable):
| Check | What it looks for |
|---|---|
| Retry limits | @retry / @backoff / p-retry / urllib3.Retry without explicit stop/total parameter β β Issue |
| Loop safety | while True / for {} / while (true) without break in scope β β Issue |
| Tool registry | Tool names referenced in prompts but absent from definitions β β Issue |
| Context size | len(prompt) / 4 compared against token thresholds β β οΈ Warning / β Issue |
| Requirements pinning | >=, >, or unpinned deps in requirements.txt / pyproject.toml β β Issue |
| Hardcoded secrets | Assignments to API_KEY, SECRET, PASSWORD, TOKEN string literals β β Issue |
No any types (TS) | Unqualified : any annotations β β οΈ Warning |
| Ignored errors (Go) | _ = functionCall() where function returns error β β Issue |
| LangGraph cycles | Graph cycles with no reachable END in edge mappings β β Issue |
Heuristic checks (best-effort):
| Check | Why it requires judgment |
|---|---|
| Code organization | "Appropriate structure" is context-dependent |
| Naming conventions | Consistency requires understanding the project's conventions |
| Input validation | Whether validation is sufficient depends on the threat model |
| Docstring quality | Presence is checkable; usefulness is not |
| Tool error handling | What counts as adequate handling varies |
Privacy
All code analysis happens locally. No telemetry, no external calls, no data collection. Your code never leaves your machine.
Contributing
We welcome contributions of all kinds! Here's how you can help:
- π Found a bug? Open an issue
- π‘ Want a new check? Open a feature request
- π§ Want to contribute code? Open a PR
Citation
If you use Agent Verifier in your research or reference it in a paper, please cite:
@misc{oswal2026agent,
title={Agent Verifier: Catch security issues, enforce standards, and validate agent patterns β before code ships.},
author={Oswal, Jiten},
journal={Github (Open Source)},
url={https://github.com/Aurite-ai/agent-verifier},
year={2026}
}
Built by Aurite AI
Built by Aurite AI. Interested in enterprise capabilities β secure agent infrastructure, shared context pools, administrative controls, and centralized hosting? Visit aurite.ai or reach out at info@aurite.ai.
License
MIT License β see LICENSE