plugin-auditor

secawa-com/plugin-auditor
★ 0 stars Shell 🔒 Security Updated today
Static security audit for Claude Code plugins, skills, agents, hooks, and MCP servers. Detects backdoors, prompt injection, persistence hooks, and supply-chain risks via parallel sub-agents.

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "plugin-auditor": {
      "command": "npx",
      "args": [
        "-y",
        "secawa-com/plugin-auditor"
      ]
    }
  }
}

README Excerpt

Static security audit for projects extending Claude (skills, agents, hooks, plugins, MCP servers, slash commands, etc.) before installing them in Claude Code. Detects backdoors, prompt injection, persistence hooks, and supply-chain risks via parallel sub-agents.

**Author**: Piotr Kaźmierczak - CEO [Secawa](https://secawa.com)

Tools (4)

CAUTION
SAFE
UNSAFE
audit