Security
Every submission is automatically scanned before publishing.
Scanning pipeline
Pattern matching
Scan for known prompt injection phrases, credential exfiltration patterns, hidden unicode characters, and obfuscated code.
URL analysis
Flag direct IP addresses, URL shorteners, suspicious top-level domains, and unusual port numbers.
Trust-based routing
Low risk + verified author = auto-approve. Medium risk = manual review. High risk = quarantine.
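An added example, not OpenClaw's scanner, showing how the three checks above fit together into one routing decision; the phrase lists, shortener and TLD sets, and risk thresholds are constructed assumptions, not the real ones:

```python
import ipaddress
import re
from urllib.parse import urlparse

# Constructed lists: the page names the categories, not the exact entries.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd"}
SUSPICIOUS_TLDS = {"zip", "mov", "xyz", "top"}
INJECTION = re.compile(r"ignore (all )?previous instructions|disregard your (system )?prompt", re.I)
CREDENTIAL = re.compile(r"\bAKIA[0-9A-Z]{16}\b|-----BEGIN [A-Z ]*PRIVATE KEY-----")
# Zero-width and bidi-control code points that hide text from a human reviewer.
HIDDEN = set("\u200b\u200c\u200d\u2060\ufeff\u202a\u202b\u202c\u202d\u202e")


def url_findings(url: str) -> list[str]:
    """URL analysis: direct IPs, shorteners, suspicious TLDs, unusual ports."""
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    found = []
    try:
        ipaddress.ip_address(host)
        found.append("direct-ip")
    except ValueError:
        pass  # a hostname, not a literal address
    if host in SHORTENERS:
        found.append("url-shortener")
    if host.rsplit(".", 1)[-1] in SUSPICIOUS_TLDS:
        found.append("suspicious-tld")
    if parsed.port not in (None, 80, 443):
        found.append("unusual-port")
    return found


def text_findings(text: str) -> list[str]:
    """Pattern matching: injection phrases, leaked credentials, hidden unicode."""
    found = []
    if INJECTION.search(text):
        found.append("prompt-injection")
    if CREDENTIAL.search(text):
        found.append("credential-pattern")
    if any(ch in HIDDEN for ch in text):
        found.append("hidden-unicode")
    return found


def route(text: str, urls: list[str], verified_author: bool) -> str:
    """Trust-based routing as the page describes it; the thresholds are assumed."""
    findings = text_findings(text) + [f for u in urls for f in url_findings(u)]
    if {"prompt-injection", "credential-pattern", "hidden-unicode"} & set(findings) or len(findings) >= 3:
        return "quarantine"  # high risk
    if findings:
        return "manual-review"  # medium risk
    return "auto-approve" if verified_author else "manual-review"  # low risk
```

A low-risk submission from an unverified author still goes to manual review here, matching the full review applied to new accounts.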
MCP-Scan
For skills and MCP servers, we run Invariant Labs' mcp-scan to detect tool poisoning, toxic flows, and malware payloads hidden in natural language.
VirusTotal URL scanning
Repository and documentation URLs are checked against 70+ security engines via VirusTotal for malware, phishing, and malicious content.
What we detect
MCP-Scan integration
For skills and MCP server submissions, we integrate with Invariant Labs' mcp-scan, an open-source security scanner designed specifically for the Model Context Protocol.
Tool poisoning detection
Identifies malicious tool descriptions that attempt to manipulate agent behavior.
Toxic flow analysis
Detects dangerous data flows between tools that could exfiltrate sensitive information.
Rug pull prevention
Scans for patterns that could change server behavior after initial approval.
Natural language payloads
Finds malware instructions hidden in seemingly innocent documentation.
Trust tiers
Account created. Full review on all submissions.
3+ approved submissions, 30+ day account. Faster review.
Manual verification + GitHub history. Can submit skills.
OpenClaw team or endorsed projects. Instant publish.
Report something
Found something suspicious? Every listing has a Report button. 3+ reports trigger automatic quarantine and manual review.