Gemma 4 challenge build

Review this tool before you add it

Paste a GitHub or MCP repo link. Get a read-only install review before the tool reaches your shell, files, browser, or secrets.

$ agent-surface-map read-only scan
Review mode: read-only local scan + Gemma 4 review
Why Gemma 4

Scanner finds evidence. Gemma 4 makes the install call.

Gemma 4 reads the redacted surface map, connects combined risks, and returns the install posture and constraints your coding agent should follow.

Workflow integration

Paste MCP repo -> Gemma reviews install risk -> copy constraints for your agent.

scan_github_tool(url) -> install_context -> safe agent constraints
What gets checked

Install-facing signals, not a full source audit

read-only
MCP config

Parses server names, commands, args, env key names, and risk hints.

Shell access

Flags terminal/process surfaces that need approval gates and isolation.

Browser sessions

Looks for browser automation and profile reuse that could expose cookies.

Filesystems

Highlights broad local paths, filesystem MCPs, and oversized mounts.

Credentials

Records secret-adjacent key names while redacting values from reports.

Agent instructions

Treats repo instruction files and prompt-override text as untrusted context.
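
A sketch of the kind of install-facing check listed above, as an added example that is not the scanner's own code: it reads an MCP client config, keeps server names, commands, args and env key names, never copies env values, and attaches risk hints. It assumes the config uses the common `mcpServers` JSON layout; the function name `surface_map`, the hint labels and the matching heuristics are hypothetical, and the sample config is constructed.

```python
import json
import re

# Heuristics below are assumptions made for this example, not the scanner's actual rules.
SECRET_KEY = re.compile(r"(TOKEN|SECRET|PASSWORD|API_?KEY|CREDENTIAL)", re.I)
SHELLS = {"sh", "bash", "zsh", "cmd", "cmd.exe", "powershell", "pwsh"}
BROAD_PATHS = {"/", "~", "$HOME", "C:\\"}
BROWSER_WORDS = ("playwright", "puppeteer", "chrome", "user-data-dir")

def surface_map(config_text):
    """Parse an MCP client config and return a redacted, read-only surface map."""
    config = json.loads(config_text)
    report = []
    for name, server in config.get("mcpServers", {}).items():
        command = server.get("command", "")
        args = [str(a) for a in server.get("args", [])]
        env_keys = sorted(server.get("env", {}))  # key names only; values never copied
        hints = []
        if command.rsplit("/", 1)[-1] in SHELLS:
            hints.append("shell")             # terminal/process surface
        if any(a in BROAD_PATHS for a in args):
            hints.append("broad-filesystem")  # whole-disk or home-directory mount
        if any(w in a.lower() for a in args for w in BROWSER_WORDS):
            hints.append("browser-session")   # automation or profile reuse
        if any(SECRET_KEY.search(k) for k in env_keys):
            hints.append("credentials")       # secret-adjacent key name
        report.append({"server": name, "command": command, "args": args,
                       "env_keys": env_keys, "risk_hints": hints})
    return report

# Constructed sample config (server names, packages and values are made up).
SAMPLE = json.dumps({"mcpServers": {
    "files": {"command": "npx", "args": ["-y", "example-fs-mcp", "/"]},
    "runner": {"command": "/bin/bash", "args": ["-c", "example-runner"],
               "env": {"EXAMPLE_API_TOKEN": "constructed-value-123", "LOG_LEVEL": "debug"}},
    "web": {"command": "npx", "args": ["example-browser-mcp", "--user-data-dir=/tmp/profile"]},
}})

if __name__ == "__main__":
    print(json.dumps(surface_map(SAMPLE), indent=2))
```

Args are reported as written, so a secret passed on the command line rather than through env would still appear in this report and would need its own redaction rule.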

Example MCP reviews

Common MCP installs to review before adding

Representative templates, not safety certifications.

8 templates
Core review

Gemma 4 install verdict

Static scan vs model judgment

Top Risks

Hardening Plan

Why the score moved

Risk signals found

Each signal is a permission pressure point. The count shows how often the scanner saw it in install-facing files.

Parsed config

MCP servers detected

Evidence

Safe workflow notes