ai-security — independent software & tools
-
clawseccheck
🦞 Free, local, read-only security self-audit for your own OpenClaw AI-agent setup. Scores it A–F, surfaces the urgent holes, emits copy-paste fixes. Zero deps, no network, no API key — your data never leaves your machine.
-
agent-egress-bench
Provide an open test corpus to assess and improve AI agent egress security through validated cases and automated workflows.
-
Secure-Agent-Launcher
Block AI agent access to sensitive macOS paths and log all actions to protect private data during command execution.
-
MCPScan
Scan and identify security issues in MCP servers to help strengthen defenses against potential attacks on AI agent connections.
-
entropy-chaos
Test APIs by generating custom attack scenarios using large language models to uncover logic flaws beyond standard scanners.
-
Unpinched
Detect PinchTab deployments and browser bridge artifacts with a fast, point-in-time scanner for security and forensic analysis.
-
agent-bom
AI supply-chain & cloud security scanner and self-hosted control plane — agents, MCP, packages, cloud estate, non-human identities, and LLM cost. SBOM/SARIF, graph attack-paths, runtime enforcement, and compliance evidence.
-
cloud-ai-security-skills
Cloud and AI security automation skills: OCSF-shaped evidence, detection engineering, audit, compliance, MCP workflows, and HITL-controlled operations.
-
openclaw-codex-agent
Implement a contract-first dev workflow that plans, runs, verifies, and fixes code tasks for reproducible, auditable, and verifiable development.
-
bonklm
Enforce security guardrails for large language models in Node.js applications to manage risks and maintain safe usage across platforms and providers.