aegis-audit
Deep behavioral security audit for AI agent skills and MCP tools. Performs deterministic static analysis (AST + Semgrep + 15 specialized scanners), cryptographic lockfile generation, and optional LLM-powered intent analysis. Use when installing, reviewing, or approving any skill, tool, plugin, or MCP server — especially before first use. Replaces basic safety summaries with full CWE-mapped, OWASP-tagged, line-referenced security reports.
Why use this skill?
Audit AI agent skills and MCP tools with Aegis. A deep security scanner providing AST analysis, CWE mapping, and cryptographic proof for total AI trust.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/sanguineseal/aegis-audit
What This Skill Does
Aegis Audit is a high-assurance behavioral security scanner specifically engineered for AI agent skills and Model Context Protocol (MCP) tools. Unlike traditional linting tools, Aegis performs deep, deterministic static analysis using an advanced combination of Abstract Syntax Tree (AST) parsing, custom Semgrep rules, and fifteen specialized security scanners. It provides a granular view of an agent's true intent by mapping code execution paths to specific CWE (Common Weakness Enumeration) entries and OWASP security categories.
Aegis serves as the 'SSL certificate' for your AI environment. It identifies exactly what resources a skill accesses—such as specific filesystem paths, remote URLs, or network ports—instead of providing vague permission warnings. The tool also generates a cryptographic Ed25519-signed lockfile for every audit, ensuring that the code you reviewed is exactly what is running. Whether you are vetting a community-contributed skill or auditing internal tools, Aegis provides the transparency required to maintain a secure AI agent ecosystem.
Installation
You can install Aegis Audit via Python's package manager. It is recommended to use a virtual environment or a tool runner like uv to maintain isolated dependencies:
pip install aegis-audit
For improved reproducibility, always pin to the latest stable version: pip install aegis-audit==1.3.0. After installation, the aegis command will be available in your shell path, allowing you to run audits against any local source code repository or unpacked skill package.
Use Cases
- Vetting New Skills: Run Aegis before installing any new tool from the ClawHub to identify hidden data exfiltration or malicious system calls.
- Regulatory Compliance: Generate standardized security reports for AI agents deployed in enterprise environments where auditability is mandatory.
- Supply Chain Security: Use the cryptographic lockfile feature to verify that third-party tools haven't been tampered with post-audit.
- Privacy-First Analysis: Perform full local audits without leaking source code to external cloud providers, as the tool functions entirely offline.
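The post-audit tamper check that the lockfile paragraph and the Supply Chain Security use case describe, sketched as an added example; it is not Aegis's own code or lockfile format. The JSON layout, function names and sample files are assumptions, and it needs the third-party cryptography package.

```python
import hashlib, json, tempfile
from pathlib import Path
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

def tree_manifest(root):
    """Map each file's relative POSIX path to the SHA-256 of its contents."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def canonical(files):
    """Deterministic byte encoding, so signer and verifier hash identical input."""
    return json.dumps(files, sort_keys=True, separators=(",", ":")).encode()

def make_lockfile(root, key):
    """Hypothetical lockfile layout: file hashes plus an Ed25519 signature over them."""
    files = tree_manifest(root)
    return {"files": files, "signature": key.sign(canonical(files)).hex()}

def verify_lockfile(root, lock, public_key):
    """Return a list of problems; an empty list means the tree matches the audit."""
    try:  # check the signature first: unsigned hashes prove nothing
        public_key.verify(bytes.fromhex(lock["signature"]), canonical(lock["files"]))
    except (InvalidSignature, ValueError):
        return ["lockfile signature invalid"]
    current, audited = tree_manifest(root), lock["files"]
    problems = []
    for path in sorted(set(current) | set(audited)):
        if path not in audited:
            problems.append(f"added: {path}")
        elif path not in current:
            problems.append(f"removed: {path}")
        elif current[path] != audited[path]:
            problems.append(f"modified: {path}")
    return problems

def demo():
    """Audit a constructed two-file skill, then change it and re-verify."""
    key = Ed25519PrivateKey.generate()  # throwaway key for the demo only
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "skill.py").write_text("print('hello')\n")  # constructed sample
        (root / "SKILL.md").write_text("# demo skill\n")     # constructed sample
        lock = make_lockfile(root, key)
        clean = verify_lockfile(root, lock, key.public_key())
        (root / "skill.py").write_text("print('changed after audit')\n")
        (root / "extra.py").write_text("pass\n")
        tampered = verify_lockfile(root, lock, key.public_key())
        forged = verify_lockfile(root, dict(lock, files=tree_manifest(root)), key.public_key())
    return {"clean": clean, "tampered": tampered, "forged": forged}
```

The last case re-hashes the changed tree without re-signing: fresh hashes alone do not pass, because the signature no longer covers them.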
Example Prompts
- "Aegis, run a security audit on the current directory and generate a full report including CWE mapping and risk scoring."
- "Scan this MCP tool and verify if it attempts to access any restricted system configuration files or environment variables."
- "Perform a deep audit on the installed skill and provide a summary of all identified network egress points with a risk score below 50."
Tips & Limitations
- Local Execution: Aegis is designed for local-first operation. While LLM-powered analysis is optional for intent detection, it is disabled by default to ensure privacy.
- Dependency Coverage: Ensure all dependencies are resolved before scanning; Aegis works best when provided with the complete source tree.
- False Positives: As with all static analysis tools, complex obfuscation might trigger false positives. Review the 'high' severity flags manually if the scanner signals a potential threat.
- Offline Usage: The core scanners do not require internet access, making this ideal for air-gapped or sensitive development environments.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-sanguineseal-aegis-audit": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: file-read, code-execution