loading…
en/
Browse all
by modelcontextprotocol
by xuzexin-hz
Skillssafe
FreeNot checkedFree AI agent skill security scanner. Detects prompt injection, credential theft, zero-width character attacks, and ClawHavoc malware indicators. No signup requ
About
Free AI agent skill security scanner. Detects prompt injection, credential theft, zero-width character attacks, and ClawHavoc malware indicators. No signup required.
README
npm version MCP Registry License: MIT
MCP server for SkillsSafe — the security layer for AI agents.
Scan SKILL.md files, MCP configs, and system prompts for:
- 🔐 Credential theft & data exfiltration
- 💉 Prompt injection attacks
- 👻 Zero-width character attacks
- 🦠 ClawHavoc malware indicators
- 🐚 Shell injection & reverse shells
- 🔍 Scope creep & memory poisoning
Free. No API key. No signup.
Quick Start
Claude Desktop
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"skillssafe": {
"command": "npx",
"args": ["-y", "skillssafe-mcp"]
}
}
}
Cursor
Add to .cursor/mcp.json:
{
"mcpServers": {
"skillssafe": {
"command": "npx",
"args": ["-y", "skillssafe-mcp"]
}
}
}
Direct SSE (Remote)
For clients that support SSE transport:
https://mcp.skillssafe.com/sse
Tools
scan_skill
Scan an AI agent skill file for security threats before installation.
Parameters:
url - URL of skill to scan (GitHub raw URL, ClawHub URL, etc.)
content - Raw text content of skill to scan (alternative to url)
lang - Response language: "en" | "zh" | "ja" (default: "en")
Returns:
decision - INSTALL / REVIEW / BLOCK
risk_score - 0–100
threats - List of detected threats with severity
scan_id - ID for retrieving full report
get_report
Retrieve a previously generated scan report.
Parameters:
scan_id - Scan ID returned by scan_skill
Registry
- Official MCP Registry:
com.skillssafe/scanner - Smithery: skillssafe
- Glama: skillssafe-mcp
🛡️ Security Audit
This project is indexed by SkillsSafe.
You can audit this MCP server before installing it:
openclaw mcp add skillssafe https://mcp.skillssafe.com/sse
Check out the community discussion on Cursor Forum.
License
MIT © SkillsSafe
How to install
Run in your terminal:
claude mcp add skillssafe-mcp -- npx Related MCPs
Fetch
Web content fetching and conversion for efficient LLM usage.
by Community
1
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
by modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
by Community
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
by xuzexin-hzCompare Skillssafe with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All ai MCPs