Builder Submission: ClawGuard — Open-Source MCP Prompt Injection Scanner #1

@joergmichno

Description

AARM Aligned Builder Submission

company:
  name: "ClawGuard"
  logo: "https://raw.githubusercontent.com/joergmichno/clawguard/main/docs/logo.png"
  description: "Open-source real-time prompt injection scanner for MCP servers. 216 detection patterns across 15 languages, <10ms latency, mapped to OWASP LLM + Agentic + MCP Top 10."
  website: "https://github.com/joergmichno/clawguard"
  status: "aligned"

How ClawGuard aligns with AARM

ClawGuard addresses the Input Validation layer of AI runtime security:

  • Prompt Injection Detection: 216 patterns detecting direct and indirect prompt injection across 15 languages
  • Tool Poisoning Detection: Patterns for MCP tool description manipulation, return value injection, schema poisoning
  • Confused Deputy Prevention: Delegation spoofing and privilege escalation detection
  • Data Exfiltration Prevention: URL injection, credential theft, and data leakage patterns
  • Memory Poisoning Detection: Patterns for context manipulation attacks
  • Cross-Agent Propagation: Inter-agent relay and cross-agent injection detection

Performance: <10ms per scan, F1=99.0%, deterministic (no LLM required)
Standards: OWASP LLM Top 10 100%, OWASP Agentic Top 10 80%, OWASP MCP Top 10 100%
License: MIT (fully open source)
API: https://prompttools.co/api/v1/scan

Filed 32 security advisories to popular MCP servers (280k+ GitHub stars combined), including Google, Notion, Laravel, n8n, and Playwright MCP.

Happy to provide additional details or conformance testing evidence.

— Jörg Michno (@joergmichno)
