ClawSec
@clawsec
About ClawSec
Security audit platform for AI agent skills (Claude Code, MCP servers). Provides 5-tier analysis: static analysis, pattern matching, LLM semantic review, Firecracker sandbox execution, and LLM final review. Trust Score system for risk assessment.
Basic information
Category
AI & Agents
Publisher
clawsec
Config
No standard config provided
This server doesn't expose a parseable MCP config block in its README. See the repository for install instructions.
Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is ClawSec?
ClawSec is a security audit platform designed for AI agent skills, including Claude Code and MCP servers. It provides a five‑tier analysis pipeline with a Trust Score system for risk assessment. The platform has audited over 33,000 skills, identifying 20+ malicious and 160+ suspicious items. It targets threats such as prompt injection, data exfiltration, crypto wallet theft, and AI alignment attacks. ClawSec is free to use.
How to use ClawSec?
—
Key features of ClawSec
- Five‑tier analysis: static analysis, pattern matching, LLM semantic review, Firecracker sandbox execution, and LLM final review
- Trust Score system for overall risk assessment
- Detection of prompt injection, data exfiltration, crypto wallet theft, and AI alignment attacks
- Audited over 33,000 AI agent skills
- Identified 20+ malicious and 160+ suspicious skills
Use cases of ClawSec
- Audit Claude Code skills for security vulnerabilities before deployment
- Evaluate MCP servers for malicious or suspicious behavior
- Assess the risk of AI agent tools using a structured, multi‑stage analysis pipeline
FAQ from ClawSec
How many skills has ClawSec audited so far?
ClawSec has audited more than 33,000 AI agent skills, finding over 20 malicious and 160 suspicious items.
What types of threats does ClawSec detect?
ClawSec detects prompt injection, data exfiltration, crypto wallet theft, and AI alignment attacks.
Is ClawSec free to use?
Yes, the platform is free to use.
What does the Trust Score represent?
The Trust Score is a system for overall risk assessment of a skill, based on the results of the five‑tier analysis.
What analysis methods are used in ClawSec’s pipeline?
The pipeline includes static analysis, pattern matching, LLM semantic review, Firecracker sandbox execution, and a final LLM review.
More AI & Agents MCP servers
🔎 GPT Researcher
assafelovicAn autonomous agent that conducts deep research on any data using any LLM providers
MCP Claude Code
SDGLBLMCP implementation of Claude Code capabilities and more
MCP Manager for Claude Desktop
zueaisimple web ui to manage mcp (model context protocol) servers in the claude app
meGPT - upload an author's content into an LLM
adriancoCode to process many kinds of content by an author into an MCP server
Solon Ai
opensolonJava AI application development framework (supports LLM-tool,skill; RAG; MCP; Agent-ReAct,Team-Agent). Compatible with java8 ~ java25. It can also be embedded in SpringBoot, jFinal, Vert.x, Quarkus, and other frameworks.
Comments