First active product
Before approving an AI coding agent in a repo, know what it can read, execute, or change.
Orisan Scout reviews repo-local MCP configuration risk and repo-level agent instruction risk. Without uploading source code, it then produces an approval artifact that explains what AI agents can read, execute, or change.
Core question
What can an AI coding agent in this repo read, execute, or change?
Scout is for the moment before approval, when a team needs a clear local record instead of a verbal “it should be fine.”
Run it today
One local command creates the approval files.
Install
go install github.com/Orisan-org/orisan-scout/cmd/orisan@v0.1.0-alpha.4
Run
orisan scout
Outputs
orisan-scout-review.md + orisan-scout-review.json
Product mechanics
Scout is intentionally small so the artifact can be trusted.
01
Input
Scout looks only at repo-local MCP configs and repo-level agent instruction files in v0.1.
02
Detection
Findings are mapped to READ, EXECUTE, and CHANGE so the reviewer sees agent capability.
03
Guidance
The report recommends review required, restricted approval, or no repo-local blocker found.
04
Artifact
Markdown and JSON outputs carry git metadata, report hash, and payload_stored=false.
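The Detection step above, shown as an added Go example; it is not Scout's code and does not come from the Orisan project. It assumes the common mcpServers layout for .mcp.json, and the sample config, the Finding type and both heuristics are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path"
	"sort"
	"strings"
)

// Constructed sample .mcp.json; the server names and commands are made up.
const sample = `{"mcpServers": {
  "files": {"command": "npx", "args": ["-y", "example-filesystem-mcp", "."]},
  "term":  {"command": "/bin/bash", "args": ["-lc", "example-shell-mcp"]}}}`

// Finding ties one configured server to the capability it hands the agent.
type Finding struct{ Severity, Capability, Server, Reason string }

// ReviewMCP applies two assumed heuristics to the contents of a .mcp.json file.
func ReviewMCP(raw []byte) ([]Finding, error) {
	var cfg struct {
		Servers map[string]struct {
			Command string
			Args    []string
		} `json:"mcpServers"`
	}
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("parse .mcp.json: %w", err)
	}
	var out []Finding
	for n, s := range cfg.Servers {
		// Heuristic 1: the server command is itself a shell interpreter.
		switch path.Base(s.Command) {
		case "sh", "bash", "zsh", "pwsh":
			out = append(out, Finding{"HIGH", "EXECUTE", n, "shell available to agent"})
		}
		// Heuristic 2: a filesystem-style server is pointed at a root directory.
		fsServer := strings.Contains(strings.Join(s.Args, " "), "filesystem")
		for _, a := range s.Args {
			if fsServer && (a == "." || a == "./" || a == "/") {
				out = append(out, Finding{"HIGH", "READ", n, "filesystem server mounted at " + a})
			}
		}
	}
	// Map iteration order is random; sort by server name so the report is stable.
	sort.SliceStable(out, func(i, j int) bool { return out[i].Server < out[j].Server })
	return out, nil
}

func main() { fmt.Println(ReviewMCP([]byte(sample))) }
```
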
Report preview
The report is built for the approval thread.
orisan-scout-review.md
## Capability Summary
AI coding agents configured in this repo can read broad repository context and execute shell commands through MCP.
## Approval Guidance
Recommended decision: Review required before approving AI coding agent use in this repository.
## Findings
HIGH .mcp.json filesystem server mounted to repo root
HIGH .mcp.json shell tool available to agent
MED AGENTS.md auto-commit behavior allowed
What it checks
Scout checks repo-local agent surfaces only.
Review questions
Scout turns vague agent risk into questions a reviewer can answer.
Who it helps
Built for teams approving agentic development, not buying another dashboard.
AppSec
Create a repeatable preflight check before approving AI-agent use in sensitive repositories.
Engineering leads
Understand whether local agent setup has crossed from assistive coding into execution or change authority.
Platform teams
Standardize lightweight approval evidence without adding a daemon, control plane, or cloud upload.
Non-goals
Narrow on purpose, honest by default.
Early access
Bring Scout into the repositories where agent risk is becoming real.
Scout is in active development. We are looking for teams already using AI coding assistants, local agent workflows, MCP servers, or repository-level instruction files.