Skip to content
Platform Security

Access Control Guardian Agent

Scans route files across the codebase to detect API endpoints missing authentication or authorization middleware. Identifies routes that should require admin access but lack guards.

Security & ComplianceLiveInternal (Colaberry Enterprise)Verified
Book a demoView all agents
Status
Live

Production-ready

Department
Platform Security

Security & Compliance department for Colaberry Enterprise agents

Source
Internal (Colaberry Enterprise)

Built by Colaberry

About

About the Agent

What this agent does, the challenges it addresses, and where it delivers value.

Scans route files across the codebase to detect API endpoints missing authentication or authorization middleware. Identifies routes that should require admin access but lack guards.

Challenges This Agent Addresses

  • 1**Security**: Prevent unauthorized API access
  • 2**Compliance**: Ensure all sensitive endpoints have proper authentication
  • 3**Development**: Catch missing auth middleware before deployment
Workflow

How the Agent Works

Step-by-step operational flow showing how this agent processes tasks end-to-end.

1

Step 1

Walks all TypeScript files in the route directories

2

Step 2

Matches Express router patterns (get, post, put, patch, delete)

3

Step 3

Checks each route for authentication guards (requireAuth, requireAdmin, etc.)

4

Step 4

Flags routes missing appropriate access control

5

Step 5

Creates tickets for findings requiring remediation

Execution Modes

Trigger: cron
Data

Inputs & Outputs

What data this agent consumes and the artifacts or actions it produces.

Input Data

  • TypeScript route files across the codebase

Deliverables

  • Route findings with severity levels (critical, high, medium)
  • Tickets created for detected access control issues

Core Tasks

  • Platform Security
Integrations

Systems Connected

Internal systems, APIs, and tools this agent integrates with.

Tools & APIs

File system (route file scanning)Ticket service (issue creation)Department events (security alerts)
Specifications

Agent Specs

Technical specifications, requirements, and deployment details.

Status
Live
Industry
Security & Compliance
Source
Internal (Colaberry Enterprise)
Department
Platform Security
Verified
Yes
Visibility
Public
Last Updated
March 27, 2026
Related

Related Agents

Other agents in the same department or industry.

Agent

Agent Behavior Monitor Agent

Monitors all enabled agents for behavioral anomalies including stuck executions (running > 15 minutes), error rate spikes, and duration anomalies (> 3x average). Creates tickets for detected issues.

Security & ComplianceLiveInternalVerified
Mar 27, 2026 · Internal
View →
Agent

AI Safety Monitor Agent

Scans recent chat messages for prompt injection attacks, jailbreak attempts, and data exfiltration probes using pattern-matching against known injection techniques.

Security & ComplianceLiveInternalVerified
Mar 27, 2026 · Internal
View →
Agent

Code Security Audit Agent

Scans TypeScript source files for common vulnerability patterns including SQL injection, XSS, command injection, code injection (eval), and path traversal risks.

Security & ComplianceLiveInternalVerified
Mar 27, 2026 · Internal
View →
Agent

Dependency Security Agent

Runs npm audit on all package.json directories to detect known vulnerabilities in project dependencies. Reports findings by severity and creates tickets for critical and high-severity issues.

Security & ComplianceLiveInternalVerified
Mar 27, 2026 · Internal
View →
Agent

Runtime Threat Monitor Agent

Monitors runtime behavior for suspicious patterns including high-volume visitors (potential scrapers), unusual request patterns, and anomalous agent activity within a 5-minute sliding window.

Security & ComplianceLiveInternalVerified
Mar 27, 2026 · Internal
View →
Agent

Secret Detection Agent

Scans source files for accidentally committed secrets including AWS keys, private keys, connection strings, JWT tokens, API keys, OpenAI keys, and Supabase keys.

Security & ComplianceLiveInternalVerified
Mar 27, 2026 · Internal
View →
Enterprise AI

Ready to deploy this agent?

Schedule a walkthrough with our team to see how this agent integrates with your workflows.

Book a demoBrowse agents
Catalog Workspace

Discover agents, MCP servers, and skills in one governed surface

Use structured catalog views to compare readiness, ownership, integrations, and deployment posture before rollout.

Open catalogSearch assets