Security intelligence for MCP servers and Agent Skills. Open vulnerability data for the AI component ecosystem.
MCP Servers
5,221
Agent Skills
134,601
Suspicious Components
8,419
Registries Monitored
7
Popular
Most popular components by stars, downloads, or visitors across all registries
openclaw/openclaw/diffs
Use the diffs tool to produce real, shareable diffs (viewer URL, file artifact, or both) instead of manual edit summaries.
openclaw/openclaw/acp-router
Route plain-language requests for Pi, Claude Code, Codex, OpenCode, Gemini CLI, or ACP harness work into either OpenClaw ACP runtime sessions or direct acpx-driven sessions ("telephone game" flow). For coding-agent thread requests, read this skill first, then use only `sessions_spawn` for thread creation.
facebook/react/flags
Use when you need to check feature flag states, compare channels, or debug why a feature behaves differently across release channels.
facebook/react/test
Use when you need to run tests for React core. Supports source, www, stable, and experimental channels.
facebook/react/verify
Use when you want to validate changes before committing, or when you need to check all React contribution requirements.
facebook/react/fix
Use when you have lint errors, formatting issues, or before committing code to ensure it passes CI.
facebook/react/flow
Use when you need to run Flow type checking, or when seeing Flow type errors in React code.
facebook/react/feature-flags
Use when feature flag tests fail, flags need updating, understanding @gate pragmas, debugging channel-specific test failures, or adding new flags to React.
New
Latest components discovered in the ecosystem
CodeThreat AppSec
Full SAST + SCA agentic security analysis for MCP servers and Skills.