Featured Solution
MCP Security
Every MCP server is an unreviewed code execution path into your AI environment.
HIGH
Path traversal CVSS 8.8 — arbitrary file read via git repository traversal outside working directory
2,500+
MCP repos pre-scored
22%
carry CRITICAL findings
CVSS 8.8
in official reference server
Featured Solution
Find what dependency scanners miss entirely.
AutoGPT has 184,000 stars and is deployed in thousands of environments. AISS found credential access patterns embedded in 3 of its SKILL.md files. CHK-115 confirmed it. No other scanner flagged it.
SKILL.md static analysis — embedded instructions, exfil patterns, trigger expansion
LLM-verified verdicts: CONFIRMED / LIKELY / FALSE_POSITIVE
CHK-112/113/114: base64 obfuscation, brand impersonation, hidden unicode
Evidence line + file path + remediation on every finding
How it works
01
Connect your GitHub org
OAuth in 30 seconds. AISS discovers every MCP server, skill file, hook, and agent config across all repos.
02
22 modules scan in parallel
CVE lookup, secret scanning, auth checking, tool description analysis, skill file parsing — all concurrent, all hand-written.
03
LLM verifies high-severity
Critical and high findings go to an LLM verifier before reporting. No false positives reach your CISO.
04
Gate, alert, or export
Block in CI via SARIF. Send to SIEM via NDJSON. Export CycloneDX SBOM. Enforce allowlist/blocklist policy.
Press coverage
VentureBeat
Anthropic Skill scanners passed every check. The malicious code rode in on a test file.
VentureBeat
No publicly documented scanner operates outside the assumption that the threat lives in SKILL.md.
CrowdStrike · RSAC 2026
ClawHavoc — 1,184 malicious skills confirmed in the wild. The attack surface is the skill layer.