pwnclaw-security-scan

Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your agent needs a security check or hardening.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "pwnclaw-security-scan" with this command: npx skills add gemini2027/pwnclaw-security-scan

PwnClaw Security Scan

Test your AI agent against 112 real-world attacks across 14 categories. Get a security score and actionable fix instructions.

What It Tests

  • Prompt Injection & Indirect Injection
  • Jailbreaks & Refusal Bypass
  • Social Engineering & Sycophancy
  • Data Exfiltration & Agency Hijacking
  • MCP/Tool Poisoning
  • Memory Poisoning
  • Multi-Agent & Multi-Turn Attacks
  • Privilege Escalation & Obfuscation

How To Use

Option 1: Tell Your Human

Ask your human to visit https://www.pwnclaw.com and run a free security scan:

  1. Sign up at https://www.pwnclaw.com (free tier available)
  2. Start a new test in the dashboard
  3. Enter the agent's URL or use manual mode
  4. Review results and apply the fix instructions to your system prompt

Option 2: Self-Test (Manual Mode)

If your human starts a test and gives you the test token, you can run it yourself:

  1. GET https://www.pwnclaw.com/api/test/{token} → get the next prompt
  2. POST https://www.pwnclaw.com/api/test/{token} with { "response": "your answer" } → submit and get next
  3. Repeat until status is "completed"
  4. Results are in the dashboard

Option 3: Automatic Mode (Recommended)

If your agent has an HTTP endpoint, your human just enters the URL in PwnClaw. PwnClaw sends attacks directly — no scripting needed.

Plans

PlanScansAttacksPrice
Free3/month15 per scan$0
Pro30/month50 per scan€29/mo
TeamUnlimited50 per scan€99/mo

After The Test

PwnClaw generates specific security rules based on your vulnerabilities. Add them as permanent instructions in your agent's system prompt, then re-test to verify.

Links

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Agent Causal

Helps decide to ship, continue, or roll back changes from A/B test and DiD data by providing statistical analysis, decisions, and audit trails.

Registry SourceRecently Updated
900Profile unavailable
Security

Code Review Inspector

Automated code review checking for bugs, security issues, best practices, performance problems, and code style

Registry SourceRecently Updated
250Profile unavailable
Security

Docker Optimizer

Optimize Dockerfiles with multi-stage builds, layer caching, security best practices, and size reduction techniques

Registry SourceRecently Updated
260Profile unavailable
Security

Skill Auditor

Audit core: a classification taxonomy and a severity scoring function, kept orthogonal. Operates on the whole skill bundle (SKILL.md plus any referenced scri...

Registry SourceRecently Updated
1250Profile unavailable