Authorize every action your AI agents take
Start with a free, local Agent Environment Review. Map what every agent can do, find where its authority is ungranted, and close the gap.
Quickstart
First review in 60 seconds
Installation
CLI, VS Code, Docker
Configuration
Tune scope and policy
CI/CD
GitHub Actions & GitLab
Patterns
77 detection patterns
The model
Runtime governance is delivered in order. You cannot enforce a boundary you have not authorized, or authorize an agent you have not identified — so the sequence is the product.
Review
Map what every agent in your workspace can actually reach — repo, shell, MCP tools, secrets, deploy.
Identity
Name each agent that acts: type, owner, session, capability profile, trust score.
Authorization
Compare what an agent can do against what it was granted. The difference is a gap.
Protect
Enforce the boundary at the action — allow, deny, escalate, rewrite, quarantine, terminate.
Control
Policy, approvals, and audit across every agent and workspace from one place.
Runtime
Governance that lives where actions happen — before execution, not after the fact.
Go deeper
The contracts and reasoning behind each tier.
Install
Install the DeepSweep CLI via pip (recommended) — the deepsweep-ai package installs the deepsweep command:
pip install deepsweep-aiVerify the install:
deepsweep --versionRun a review
Review the agents operating in your current workspace:
deepsweep validate .Example output
DeepSweep v1.0.2
Checking ....
[INFO] Loaded 16 security rules
[INFO] Reviewing AI assistant configurations
[CRITICAL] .cursorrules:1
Your AI assistant can be tricked into ignoring safety rules.
Fix: remove instructions that tell the AI to ignore previous
instructions or override safety settings.
Grade: C (75/100)
1 files checked • 1 issue foundOutput formats
# Human-readable (default)
deepsweep validate .
# JSON for tooling
deepsweep validate . --format json
# SARIF for GitHub code scanning
deepsweep validate . --format sarifCI/CD
Gate pull requests on the review in your pipeline:
name: DeepSweep
on: [push, pull_request]
jobs:
review:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Agent Environment Review
uses: deepsweep-ai/deepsweep-platform/action@main
with:
path: .
fail-on-grade: CDetection patterns
The editor extension ships 77 patterns (37 AI-specific + 40 traditional), aligned with the OWASP LLM Top 10. The AI-specific set breaks down as:
The open-source CLI focuses on AI assistant config files and currently ships 16 rules —
run deepsweep patterns to list them.
Supported AI assistants
| Assistant | Config files |
|---|---|
| Cursor | .cursorrules, .cursor/rules, .cursor/mcp.json |
| GitHub Copilot | copilot-instructions.md, .github/copilot-instructions.md |
| Claude | claude_desktop_config.json, .claude/config.json |
| Windsurf | .windsurfrules, .windsurf/rules |
| MCP (any client) | mcp.json, .mcp/config.json |
Configuration
Telemetry
DeepSweep collects anonymous usage data. No source code is ever collected.
# Opt out of optional analytics
deepsweep telemetry disable
# Check what is enabled
deepsweep telemetry status
# Fully offline mode (air-gapped environments)
export DEEPSWEEP_OFFLINE=1Validation strictness
Tune output format and failure threshold per run:
# Exit non-zero when findings reach a severity threshold
deepsweep validate . --fail-on critical
# SARIF for GitHub code scanning
deepsweep validate . --format sarif --output report.sarif
# Include MCP configuration checking
deepsweep validate . --include-mcpRun your first review
It is free, local, and takes about a minute.