ryo-ebata/cc-audit
AI-free static security scanner for Claude Code artifacts (Skills, Hooks, MCP configs). Detects data exfiltration, prompt injection, and supply chain risks with deterministic, reproducible results.
This tool helps security auditors and developers prevent common risks in AI coding clients like Claude. It takes Claude Code artifacts (Skills, Hooks, MCP server configurations) as input and identifies potential vulnerabilities like data exfiltration, prompt injection, and over-permissioned access. The output is a clear security report, helping you decide if the code is safe to use or install.
Use this if you need to verify the security of third-party Claude Code before integrating it into your systems or development workflow.
Not ideal if you are looking for a runtime threat detection system or a tool to audit non-Claude-specific code.
Stars
17
Forks
1
Language
Rust
License
MIT
Category
Last pushed
Mar 11, 2026
Commits (30d)
0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/mcp/ryo-ebata/cc-audit"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
Wh0am123/MCP-Kali-Server
MCP configuration to connect AI agent to a Linux machine.
DMontgomery40/pentest-mcp
NOT for educational purposes: An MCP server for professional penetration testers including...
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and...
cyproxio/mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like...
0x4m4/hexstrike-ai
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot,...