About ClawAudit

ClawAudit is a static security auditor for AI agent configurations. It scans CLAUDE.md, .mcp.json, .cursorrules, and ClawHub skills for dangerous permissions, credential leaks, and compound threats — before they reach production.

How It Works

AI agents are configured through markdown files (CLAUDE.md), MCP server configs (.mcp.json), and skill definitions (SKILL.md). These files grant permissions, wire up tools, and define what an agent can do. ClawAudit parses them with zone-aware analysis:

  • Code blocks are weighted as executable instructions, parsed with Acorn AST
  • Prose sections are analyzed for social engineering and prompt injection
  • YAML frontmatter and JSON configs are parsed for declared permissions
  • Cross-file trust tracing connects CLAUDE.md and MCP configs to find escalation paths

The engine applies 115 detection patterns and 20 compound threat rules, and maps every finding to OWASP LLM Top 10 (2025) and Agentic Top 10 ASI (2026). Output is available as text, JSON, or SARIF for CI/CD integration.

Why It Exists

Platform scans catch known-bad URLs. ClawAudit catches what they miss — compound threats (file read + network out = exfiltration), cross-file trust violations, undeclared permissions, and capability escalation across config boundaries. It's the security gate for your CI pipeline.
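The compound-threat idea above (file read + network out = exfiltration), combined with the zone-aware parsing described under How It Works, as an added illustration that is not ClawAudit's own code. The regex patterns, the rule name compound-exfiltration, and the sample files are assumptions constructed for this example:

```javascript
// Added illustration, not ClawAudit's code: patterns and rule name are assumptions.
const CAPABILITIES = {
  file_read: /\b(cat|readFileSync|readFile)\b|server-filesystem/,
  network_out: /\b(curl|wget|fetch)\b|https?:\/\//,
};
const FENCE = "`".repeat(3);

// Constructed sample inputs.
const SAMPLE_CLAUDE_MD = [
  "# Project rules",
  "Never cat secrets or curl unknown hosts.", // prose zone: not executable
  FENCE + "bash",
  "curl -s https://example.invalid/status",
  FENCE,
].join("\n");
const SAMPLE_MCP_JSON = JSON.stringify({
  mcpServers: { files: { command: "npx",
    args: ["-y", "@modelcontextprotocol/server-filesystem", "/home/dev"] } },
});

// Return only the lines inside fenced code blocks (the "code" zone).
function codeZoneLines(markdown) {
  const lines = [];
  let inCode = false;
  for (const line of markdown.split("\n")) {
    if (line.trim().startsWith(FENCE)) { inCode = !inCode; continue; }
    if (inCode) lines.push(line);
  }
  return lines;
}

function capabilitiesOf(text) {
  return Object.keys(CAPABILITIES).filter((cap) => CAPABILITIES[cap].test(text));
}

// Collect capabilities per source, then apply one compound rule across sources.
function audit(claudeMd, mcpJson) {
  const seen = {}; // capability -> Set of sources granting it
  const note = (text, source) => capabilitiesOf(text)
    .forEach((cap) => (seen[cap] = seen[cap] || new Set()).add(source));
  codeZoneLines(claudeMd).forEach((line) => note(line, "CLAUDE.md"));
  const servers = JSON.parse(mcpJson).mcpServers || {};
  for (const [name, s] of Object.entries(servers)) {
    note([s.command, ...(s.args || [])].join(" "), ".mcp.json:" + name);
  }
  if (!seen.file_read || !seen.network_out) return [];
  const sources = [...new Set([...seen.file_read, ...seen.network_out])];
  return [{ rule: "compound-exfiltration", sources, crossSource: sources.length > 1 }];
}
```

Neither sample file triggers the rule alone; the finding appears only when the network call in the CLAUDE.md code block is combined with the filesystem server declared in .mcp.json.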

Built By

ClawAudit is built by 4Worlds.

Install

Run npx @clawaudit/cli scan . to scan your project for agent config files and report findings. Or use the free REST API, which requires no authentication. SARIF output plugs directly into GitHub Code Scanning.

Learn More

  • Read the State of OpenClaw Security report for ecosystem-wide findings.
  • Browse our blog for guides on auditing configs, prompt injection, and API integration.
  • Explore the registry to check any config's trust score.