Akto for LLM agent tool endpoints
What middleBrick covers
- Black-box scanning of LLM agent tool endpoints without agents or SDKs
- Risk scoring from A to F with prioritized findings
- Detection of CORS, SSRF, and data exposure risks
- OpenAPI 3.x and Swagger 2.0 parsing with spec-to-runtime cross-reference
- Authenticated scans with strict header allowlists
- Adversarial LLM security probes across multiple scan tiers
Overview of LLM agent tool endpoint scanning
middleBrick is a self-service API security scanner that assesses HTTP endpoints broadly, including the request and response patterns common to LLM agent tooling. Submit a URL and receive a risk score from A to F with prioritized findings. Scanning is black-box: it requires no agents, code access, or SDK integration, and completes in under a minute. The scanner sends only read-only methods (GET and HEAD), plus text-only POST requests for the LLM probes.
Detection coverage for LLM agent tool endpoints
The scanner evaluates 12 check categories and maps each finding to the OWASP API Top 10 (2023), so results line up with that framework and with the security controls it describes. For LLM agent tool endpoints, the relevant detections include:
- Input Validation: wildcard CORS configurations, dangerous HTTP methods, and exposed debug endpoints, any of which could be used to influence agent behavior.
- Data Exposure: PII patterns and API key formats that may be surfaced inadvertently in responses from tool-description endpoints or help routes.
- Authorization: authorization bypass checks across HTTP methods, JWT misconfigurations, and security-header compliance relevant to tool authentication.
- SSRF: identification of URL-accepting query parameters and body fields, plus active probes that test whether the endpoint will fetch internal IP addresses. Agent tools that retrieve URLs on the model's behalf are a common SSRF vector.
- LLM / AI Security: 18 adversarial probes across three scan tiers, covering system prompt extraction, instruction override, jailbreak techniques, data exfiltration, and token smuggling against agent tool contracts.
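To make the first four categories concrete, here is an added example of the kind of black-box checks they describe, run over a single captured response from a tool-description endpoint. This is illustrative code written for this page, not middleBrick's scanner: the sample headers and body are constructed, and the secret patterns, field-name list, and severities are assumptions chosen for the example.

```python
"""Illustrative black-box checks over one captured HTTP response from an agent
tool-description endpoint. Added example, not middleBrick's code: the sample
response is constructed and the patterns and severities are assumptions."""
import json
import re
from urllib.parse import urlparse

# Methods a read-only tool-description or help route has no reason to advertise.
DANGEROUS_METHODS = {"PUT", "DELETE", "PATCH", "TRACE", "CONNECT"}

# Field names that commonly carry a URL the server will fetch (SSRF candidates).
URL_FIELD_NAMES = {"url", "uri", "href", "callback", "webhook", "redirect", "target", "endpoint"}

# Data-exposure patterns: AKIA... is the AWS access key ID format, gh?_ the
# GitHub token format; the email pattern is deliberately loose.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}


def check_cors(headers):
    acao = headers.get("access-control-allow-origin")
    acac = headers.get("access-control-allow-credentials", "").lower()
    if acao == "*" and acac == "true":
        # Browsers reject this combination, but it signals a copy-pasted permissive config.
        return [("high", "cors", "wildcard origin combined with Allow-Credentials: true")]
    if acao == "*":
        return [("medium", "cors", "wildcard Access-Control-Allow-Origin")]
    return []


def check_methods(headers):
    allow = {m.strip().upper() for m in headers.get("allow", "").split(",") if m.strip()}
    bad = sorted(allow & DANGEROUS_METHODS)
    return [("medium", "methods", f"Allow header advertises {', '.join(bad)}")] if bad else []


def check_data_exposure(body):
    findings = []
    for name, pattern in SECRET_PATTERNS.items():
        for match in pattern.findall(body):
            severity = "low" if name == "email" else "high"
            findings.append((severity, "data_exposure", f"{name}: {match}"))
    return findings


def _is_http_url(value):
    try:
        return isinstance(value, str) and urlparse(value).scheme in ("http", "https")
    except ValueError:  # e.g. malformed IPv6 brackets
        return False


def find_url_fields(obj, path="$"):
    """Walk a JSON document and yield paths of fields that accept or hold URLs."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            child = f"{path}.{key}"
            if key.lower() in URL_FIELD_NAMES or _is_http_url(value):
                yield child
            if key.lower() == "format" and isinstance(value, str) and value.lower() in ("uri", "url"):
                yield path  # JSON Schema property declared as a URI
            yield from find_url_fields(value, child)
    elif isinstance(obj, list):
        for i, value in enumerate(obj):
            yield from find_url_fields(value, f"{path}[{i}]")


def analyze_response(headers, body):
    """Return (severity, category, detail) findings for one response."""
    headers = {k.lower(): v for k, v in headers.items()}
    findings = check_cors(headers) + check_methods(headers) + check_data_exposure(body)
    try:
        doc = json.loads(body)
    except ValueError:
        doc = None
    if doc is not None:
        for path in dict.fromkeys(find_url_fields(doc)):  # dedupe, keep order
            findings.append(("info", "ssrf_candidate", f"URL-typed field at {path}"))
    return findings


# Constructed sample: a tool-description response showing several of the issues above.
# AKIAIOSFODNN7EXAMPLE is AWS's documented placeholder key, not a live credential.
SAMPLE_HEADERS = {
    "Content-Type": "application/json",
    "Access-Control-Allow-Origin": "*",
    "Access-Control-Allow-Credentials": "true",
    "Allow": "GET, HEAD, OPTIONS, DELETE",
}
SAMPLE_BODY = json.dumps({
    "tool": "fetch_page",
    "description": "Fetches a page. Contact ops@example.com; debug key AKIAIOSFODNN7EXAMPLE",
    "parameters": {"url": {"type": "string", "format": "uri"}},
    "callback": "https://hooks.example.com/notify",
})

if __name__ == "__main__":
    for finding in analyze_response(SAMPLE_HEADERS, SAMPLE_BODY):
        print(*finding, sep=" | ")
```

The SSRF walk only identifies candidate fields; confirming exploitability needs an active probe against the live endpoint, which is why a scanner separates "URL-accepting parameter found" from "internal address was fetched".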
OpenAPI analysis and authenticated scanning considerations
middleBrick parses OpenAPI 3.0, 3.1, and Swagger 2.0 documents with recursive $ref resolution and cross-references the spec against runtime findings, flagging issues such as operations that reference an undefined security scheme or are marked deprecated. This helps surface mismatches between documented tool endpoints and their actual behavior. For endpoints that require authentication, authenticated scanning is available at the Starter tier and above and supports Bearer, API key, Basic auth, and Cookie credentials. Domain verification is enforced so that only the domain owner can scan with credentials, and the scanner forwards only headers on a strict allowlist: Authorization, X-API-Key, Cookie, and X-Custom-* headers.
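As an added example of the two mechanisms in this section, the following code resolves local $ref pointers in an OpenAPI document (stopping on self-referential schemas), cross-checks each operation's security requirements against the declared schemes, and filters credential headers through an allowlist of the shape described above. It is illustrative code written for this page, not middleBrick's implementation: the spec is constructed, and the finding names and the circular-reference marker are assumptions.

```python
"""Added example: local $ref resolution, spec cross-checks, and a credential-header
allowlist for authenticated scans. Not middleBrick's code; the spec is constructed."""

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}


def resolve_pointer(doc, ref):
    """Follow a local JSON Pointer such as '#/components/schemas/Page' (RFC 6901)."""
    if not ref.startswith("#/"):
        raise ValueError(f"only local refs supported: {ref}")
    node = doc
    for part in ref[2:].split("/"):
        part = part.replace("~1", "/").replace("~0", "~")
        node = node[int(part)] if isinstance(node, list) else node[part]
    return node


def resolve_refs(doc, node=None, seen=()):
    """Recursively inline $ref; a pointer already on the current path is left in
    place with an 'x-circular' marker (assumed name) instead of recursing forever."""
    if node is None:
        node = doc
    if isinstance(node, dict):
        if "$ref" in node:
            ref = node["$ref"]
            if ref in seen:
                return {"$ref": ref, "x-circular": True}
            return resolve_refs(doc, resolve_pointer(doc, ref), seen + (ref,))
        return {k: resolve_refs(doc, v, seen) for k, v in node.items()}
    if isinstance(node, list):
        return [resolve_refs(doc, v, seen) for v in node]
    return node


def cross_check(doc):
    """Flag operations that reference an undefined security scheme, opt out of
    auth with 'security: []', inherit no requirement at all, or are deprecated."""
    spec = resolve_refs(doc)
    if spec.get("openapi", "").startswith("3."):
        schemes = set(spec.get("components", {}).get("securitySchemes", {}))
    else:  # Swagger 2.0 keeps them at the top level
        schemes = set(spec.get("securityDefinitions", {}))
    global_sec = spec.get("security")
    findings = []
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue
            where = f"{method.upper()} {path}"
            sec = op.get("security", global_sec)
            if sec is None:
                findings.append(("no_security_requirement", where))
            elif not sec:
                findings.append(("explicitly_anonymous", where))
            else:
                for requirement in sec:
                    for name in requirement:
                        if name not in schemes:
                            findings.append(("undefined_security_scheme", f"{where} -> {name}"))
            if op.get("deprecated"):
                findings.append(("deprecated_operation", where))
    return findings


# Header allowlist for authenticated scans: exact names plus the X-Custom-* prefix.
ALLOWED_HEADERS = {"authorization", "x-api-key", "cookie"}
ALLOWED_PREFIXES = ("x-custom-",)


def filter_headers(user_headers):
    """Forward only allowlisted credential headers; everything else is dropped."""
    return {
        name: value
        for name, value in user_headers.items()
        if name.lower() in ALLOWED_HEADERS or name.lower().startswith(ALLOWED_PREFIXES)
    }


# Constructed spec: one op points at an undeclared scheme, one is deprecated,
# one opts out of auth, and the Node schema references itself.
SAMPLE_SPEC = {
    "openapi": "3.0.3",
    "info": {"title": "Agent tools", "version": "1"},
    "components": {
        "securitySchemes": {"bearer": {"type": "http", "scheme": "bearer"}},
        "schemas": {
            "Node": {"type": "object", "properties": {"next": {"$ref": "#/components/schemas/Node"}}},
            "Page": {"type": "object", "properties": {"url": {"type": "string", "format": "uri"}}},
        },
    },
    "security": [{"bearer": []}],
    "paths": {
        "/tools/fetch": {"post": {
            "requestBody": {"content": {"application/json": {"schema": {"$ref": "#/components/schemas/Page"}}}},
            "security": [{"legacyKey": []}],
        }},
        "/tools/tree": {"get": {"deprecated": True, "responses": {"200": {"content": {
            "application/json": {"schema": {"$ref": "#/components/schemas/Node"}}}}}}},
        "/tools/public": {"get": {"security": []}},
    },
}

if __name__ == "__main__":
    for finding in cross_check(SAMPLE_SPEC):
        print(*finding, sep=": ")
```

An operation whose only security requirement names an undeclared scheme is effectively unprotected in the documentation while the runtime may still enforce auth (or not); that is exactly the spec-to-runtime mismatch the cross-reference is meant to surface. The allowlist is applied before any request leaves the scanner, so a user cannot smuggle Host, X-Forwarded-For, or other routing headers into a credentialed scan.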
Limitations specific to LLM agent tooling
The scanner does not fix, patch, block, or remediate findings; it detects and reports them with remediation guidance. It does not perform active SQL injection or command injection testing, since those require intrusive payloads that are outside its scope. Business logic vulnerabilities, which in agent platforms often hinge on nuanced decision flows, are not detected and require domain expertise. Blind SSRF and other out-of-band infrastructure issues are also out of scope, and the tool does not replace a human pentester for high-stakes audits of agent platforms.
Compliance mapping and product offerings
middleBrick maps findings directly to PCI-DSS 4.0, SOC 2 Type II, and the OWASP API Top 10 (2023), helping you prepare for audits against the controls those frameworks describe. Other regulations are addressed through alignment framing, for example by supplying audit evidence for relevant controls, without asserting certification or compliance guarantees.
The product provides a Web Dashboard for scanning, viewing reports, and tracking score trends, with branded compliance reports available. The CLI supports one-command scans with structured output, and the GitHub Action can gate CI/CD based on score thresholds. The MCP Server enables scanning from AI coding assistants, and the Pro tier adds continuous monitoring, diff detection, and signed webhooks for automated workflows.