API Documentation

API Overview

AgentGuard provides a REST API for integrating security scanning into your CI/CD pipelines and development workflows. Submit agent configurations or URLs for scanning, poll for results, and retrieve detailed findings programmatically.

Base URL

All API requests are made to:

url
https://api.agentguardprotection.com

Authentication

Include your API key in the X-API-Key header. API access requires a Pro plan. Generate keys from your Settings page.

bash
curl -H "X-API-Key: ag_your_key_here" \
  https://api.agentguardprotection.com/api/health

Endpoints

POST /api/scan

Create a new security scan. You can scan by URL or by pasting configuration content directly.

URL scan request body:

json
{
  "target_url": "https://agent.example.com",
  "scan_type": "full"
}

Paste scan request body:

json
{
  "paste_content": "...",
  "scan_input_type": "paste",
  "scan_type": "quick"
}

GET /api/scans/{scanId}/status

Poll scan status. Use this endpoint to check whether a scan has completed.

Response:

json
{
  "scan_id": "...",
  "status": "completed",
  "risk_score": 3.5,
  "findings_count": 2
}

GET /api/scan/{scanId}

Get full scan results including all findings, severity breakdown, risk score, and remediation guidance.

GET /api/scans

List scans with pagination. Supports the following query parameters:

  • page — Page number (default: 1)
  • per_page — Results per page (default: 20)
  • severity — Filter by minimum severity
  • date_from — Filter by start date (ISO 8601)
  • date_to — Filter by end date (ISO 8601)

CI/CD Example

Add AgentGuard scanning to your GitHub Actions workflow to automatically check agents before deployment:

yaml
- name: Scan agent
  run: |
    SCAN=$(curl -s -X POST \
      -H "X-API-Key: ${{ secrets.AGENTGUARD_KEY }}" \
      -H "Content-Type: application/json" \
      -d '{"target_url": "${{ env.AGENT_URL }}", "scan_type": "full"}' \
      https://api.agentguardprotection.com/api/scan)
    SCAN_ID=$(echo $SCAN | jq -r '.scan_id')
    # Poll until complete
    while true; do
      STATUS=$(curl -s -H "X-API-Key: ${{ secrets.AGENTGUARD_KEY }}" \
        https://api.agentguardprotection.com/api/scans/$SCAN_ID/status)
      if echo $STATUS | jq -e '.status == "completed"' > /dev/null; then break; fi
      sleep 5
    done
    # Fail if critical findings
    CRITICAL=$(echo $STATUS | jq '.findings_count')
    if [ "$CRITICAL" -gt 0 ]; then echo "Security issues found!"; exit 1; fi

Ready to integrate?

Create a Pro account to generate your API key and start scanning.

Get Started Free