SkillRisk — Free AI Agent Skill Security Scanner | MCP Server & OpenClaw ClawHavoc Protection

Why Scan Your AI Agent Skills in 2026?

The AI agent threat landscape has exploded in 2026. The ClawHavoc attack exposed 1,184 malicious skills on ClawHub. BlueRock Security found 36.7% of MCP servers vulnerable to SSRF attacks. The IBM 2026 X-Force Threat Index confirmed AI-driven attacks are escalating faster than enterprise defenses. CVE-2026-2256 enables prompt-based privilege escalation on affected installations.

SkillRisk scans 100% in your browser — no code leaves your device. Detect malicious hooks, MCP server vulnerabilities, data exfiltration patterns, prompt injection, and supply chain attack indicators across OpenClaw, Claude Code, and other agentic AI platforms.

AI Agent Security Scanner Features

• MCP Server SSRF Detection — Scans MCP server configurations for server-side request forgery, command injection, and known malicious endpoints (36.7% of servers vulnerable per BlueRock 2026)
• Hook Hijacking Detection — Detects malicious PreToolUse or PostToolUse hooks that execute silent background commands
• ClawHavoc Pattern Matching — Scans for the exact attack patterns used in the ClawHavoc supply chain attack on ClawHub
• Supply Chain Attack Protection — Identifies compromised dependencies, malicious postinstall scripts, and CVE-2026-2256 vulnerable patterns
• Data Exfiltration Prevention — Identifies hidden curl/wget requests that steal credentials and environment variables
• Credential Leak Scanning — Finds hardcoded API keys, SSH keys, AWS credentials, and database connection strings
• Prompt Injection Detection — Identifies adversarial prompt patterns that can hijack AI agent behavior
• SKILL.md & .mcp.json Analysis — Purpose-built for OpenClaw SKILL.md, Claude Code, Cursor, and Windsurf agent configurations

How It Works

1. Paste your SKILL.md, .mcp.json, hook scripts, or upload a .zip folder
2. SkillRisk analyzes 646+ security rules across 8 vulnerability categories entirely in your browser
3. Get an instant security score with detailed risk breakdown and remediation steps — no data leaves your device

Try the free AI agent skill scanner now — no signup required, 100% client-side.

2026 AI Agent Threat Landscape

The Cisco State of AI Security 2026 report and IBM X-Force Threat Index both highlight AI agent supply chain attacks as a top emerging threat. Only 29% of organizations report readiness to secure agentic AI deployments. Key threats include:

• ClawHavoc — 1,184 malicious OpenClaw skills deploying AMOS stealer malware via ClawHub
• MCP SSRF — 36.7% of Model Context Protocol servers vulnerable to server-side request forgery
• CVE-2026-2256 — Unsanitized shell command execution enabling prompt-based privilege escalation
• Salt Typhoon — State-sponsored supply chain compromise injecting malicious logic into agent frameworks

Frequently Asked Questions

How does SkillRisk protect against OpenClaw threats like ClawHavoc?

SkillRisk scans SKILL.md files, hook scripts, and MCP configurations for the exact attack patterns used in ClawHavoc — embedded curl exfiltration, AMOS stealer payloads, and hidden command execution. With 1,184 malicious skills found on ClawHub, scanning before installation is essential.

Does SkillRisk detect MCP server SSRF vulnerabilities?

Yes. BlueRock Security found that 36.7% of MCP servers are potentially vulnerable to server-side request forgery (SSRF). SkillRisk scans MCP server configurations for SSRF patterns, command injection via server args, known malicious endpoints, and overly permissive configurations.

Are my skill files uploaded to your servers?

No. SkillRisk runs 100% in your browser. Your code never leaves your device — all scanning is performed client-side. No data is uploaded, stored, or transmitted.

What AI agent supply chain attacks does SkillRisk detect?

SkillRisk detects ClawHavoc-style SKILL.md injection, malicious postinstall scripts, compromised MCP server endpoints, hidden network exfiltration, credential theft (AMOS stealer), and CVE-2026-2256 unsanitized shell execution vulnerabilities.

What file formats does SkillRisk support?

You can upload a .zip of your skill folder. We analyze SKILL.md, settings.json, .mcp.json, and referenced .sh or .js hook scripts used by OpenClaw, Claude Code, Cursor, Windsurf, and other AI coding agents.

Latest Security Research

• Securing Claude Cowork: File Exfiltration in 48 Hours, CVEs, and What You Must Do Now
• Why 36% of MCP Servers Are Vulnerable to SSRF
• The Complete OpenClaw Skill Security Checklist 2026
• VirusTotal vs SkillRisk: Why File Scanning Isn't Enough for OpenClaw
• ClawHavoc Aftermath: How to Scan OpenClaw Skills for Malware
• The Future is Local: Why Cloud-Based AI Agents Are a Security Liability
• We Analyzed the Top 100 Most-Starred GitHub Skills
• 10 Critical Security Risks in AI Coding Agent Skills
• Hidden Dangers in Your AI Coworker