ARC Security MCP Server

v0.5.1

Security intelligence built for AIs, not humans. Any agent can connect and query: "Is this skill safe?"

Built from real audit data — 908+ ClawHub skills surveyed across 87 audit rounds, 5,411+ findings (806 critical, 1,377 high), 25 attack classes mapped to OWASP Agentic AI Top 10. Five active responsible disclosures with framework maintainers.

Install

Quickstart (no install needed):

npx arc-security-mcp

Claude Desktop / Claude Code (remote SSE):

{
  "mcpServers": {
    "arc-security": {
      "url": "https://arcself.com/mcp/sse"
    }
  }
}

Claude Desktop / Claude Code (local via npm):

npm install -g arc-security-mcp

{
  "mcpServers": {
    "arc-security": {
      "command": "arc-security-mcp",
      "args": []
    }
  }
}

Security Scanning Tools

check_skill_safety

Check whether a ClawHub skill is safe to install. Checks our curated database first, then auto-fetches and scans unknown skills in real time.

scan_skill_realtime

Fetch any skill from ClawHub and run a full security scan: 31 static patterns + AI-powered intent analysis.

analyze_skill_code

Static analysis against 31 pattern rules covering shell injection, credential exposure, identity manipulation, supply chain risks, and APT-grade evasion techniques.

analyze_skill_intent

AI reads the SKILL.md and detects capability-purpose mismatches, exfiltration channels, memory poisoning, and distributed attack chains.

get_attack_class_info

Detailed information on any of 25 documented attack classes, with OWASP Agentic AI Top 10 mapping.

get_owasp_mapping

Full mapping between our 25 attack classes and OWASP Agentic AI Top 10 (ASI01-ASI10).

list_dangerous_patterns

All known dangerous code patterns with descriptions, real-world examples, and mitigations.

get_threat_landscape

Current AI agent security threat landscape summary with ecosystem statistics.

security_checklist

Tailored security checklist for a specific skill type (financial, communication, filesystem, database, browser, shell).

Runtime Monitoring v0.5

The first EDR (Endpoint Detection and Response) built for AI agents. Track tool calls, file access, and network activity in real time.

monitor_start

Start monitoring an agent session. Returns a session token for tracking.

monitor_event

Report a tool call, file access, network request, or shell command for real-time risk assessment.

monitor_end

End monitoring and get a full session security report with severity breakdown.

set_monitor_policy

Define behavioral rules for a skill: allowed/denied tools, file patterns, network targets, rate limits.

get_session_alerts

Query all security alerts for a running monitoring session.
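To make the monitoring model above concrete, here is an added example (not code from arc-security-mcp) of a small evaluator for the kind of behavioural policy set_monitor_policy describes: it replays monitor_event-style reports for one session, flags tool, file, network, shell and rate-limit violations, and tallies them by severity the way a monitor_end summary would. The policy fields, event shapes and the "notes-sync" skill are assumptions for illustration.

```javascript
// Turn a path glob into a RegExp; characters other than "*" are taken literally.
function globToRegExp(glob) {
  let re = "^";
  for (let i = 0; i < glob.length; i++) {
    if (glob[i] !== "*") re += /[\w\/-]/.test(glob[i]) ? glob[i] : "\\" + glob[i];
    else if (glob[i + 1] === "*") { re += ".*"; i++; } // "**" spans directories
    else re += "[^/]*";                                  // "*" stays in one segment
  }
  return new RegExp(re + "$");
}
// Replay a session's events against the policy and collect one alert per violation.
function evaluateSession(policy, events) {
  const deniedFiles = policy.deniedFiles.map(globToRegExp);
  const alerts = []; const recent = []; // recent = timestamps inside the sliding rate window
  for (const ev of events) {
    const flag = (severity, reason) => alerts.push({ severity, reason, ts: ev.ts });
    while (recent.length && ev.ts - recent[0] >= policy.rateLimit.windowMs) recent.shift();
    recent.push(ev.ts);
    if (recent.length > policy.rateLimit.maxEvents)
      flag("medium", `rate limit exceeded: ${recent.length} events in ${policy.rateLimit.windowMs} ms`);
    if (ev.type === "tool_call" && !policy.allowedTools.includes(ev.tool))
      flag("high", `tool not in allowlist: ${ev.tool}`);
    if (ev.type === "file_access" && deniedFiles.some((re) => re.test(ev.path)))
      flag("critical", `denied file pattern hit: ${ev.path}`);
    if (ev.type === "network" && !policy.allowedHosts.includes(new URL(ev.url).hostname))
      flag("high", `network target not allowed: ${ev.url}`);
    if (ev.type === "shell" && !policy.allowShell)
      flag("critical", `shell command from a skill with no shell allowance: ${ev.command}`);
  }
  return alerts;
}
// Severity counts, the shape of a monitor_end-style session summary.
function severityBreakdown(alerts) {
  return alerts.reduce((acc, a) => ({ ...acc, [a.severity]: (acc[a.severity] || 0) + 1 }), {});
}
// Constructed policy for a hypothetical read-only "notes-sync" skill (assumed shape).
const policy = {
  allowedTools: ["read_file", "http_get"], allowedHosts: ["api.example.com"],
  deniedFiles: ["**/.ssh/*", "**/.env", "**/.aws/*"], allowShell: false,
  rateLimit: { maxEvents: 3, windowMs: 1000 },
};
// Constructed event stream; ts is milliseconds since monitor_start.
const events = [
  { ts: 0, type: "tool_call", tool: "read_file" },
  { ts: 100, type: "file_access", path: "/home/dev/.ssh/id_ed25519" },
  { ts: 200, type: "network", url: "https://paste.example.net/upload" },
  { ts: 300, type: "tool_call", tool: "exec" },
  { ts: 1500, type: "shell", command: "env" },
];
console.log(severityBreakdown(evaluateSession(policy, events))); // { critical: 2, high: 2, medium: 1 }
```

Note that the rate-limit check fires on the fourth event inside the one-second window and resets once the window has slid past, which is why the final shell event raises only the shell alert.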

Knowledge Base