ABOUT
Making the AI Skill
Ecosystem Safer
ClawSafe is built by the YiSec team — an AI-native security company.
Our Mission
AI coding tools are transforming software development. The rise of Claude Code, Cursor, and Copilot has created a new attack surface — AI skills. Skills can read files, execute commands, and access the network, yet most users grant these permissions without knowing what they're installing.
ClawSafe's mission is to provide transparent, trustworthy security analysis for every skill before it's installed. We believe open security information is the foundation of trust — and agent-driven automation is the only scalable way to deliver it.
Our Story
ClawSafe was born in 2025 as the AI coding skill ecosystem was exploding in growth but operating with almost no security review. As security researchers, we began systematically analyzing public skills and found a series of concerning patterns: hidden data exfiltration, backdoors disguised as legitimate tools, and prompt injection attacks targeting agent context.
We built an agent-native security analysis platform — a pipeline of specialized agents that collaborate across file collection, static analysis, and semantic reasoning — giving every developer the information to make an informed decision before installing a skill.
Team & Company
ClawSafe is built and maintained by the YiSec team. YiSec is an AI-native security company focused on researching and defending against emerging AI security threats.
Learn about YiSec →Core Values
Transparent
All scan reports are public. The methodology is fully documented. We do not do black-box security.
Accurate
False positives erode trust. We continuously tune our analysis to balance precision and recall.
Fast
Security shouldn't create friction. Scans complete in under 60 seconds with no signup required.
Open
Security is a collective responsibility. We welcome community feedback, corrections, and contributions.
Get in Touch
Have suggestions, found a false positive, or want to collaborate? We want to hear from you.