Seven security tools that run natively inside Claude Code, Cursor, and Windsurf. No context switching. No separate dashboard. Security where you already work. Listed on the Official MCP Registry.
Scans your MCP server configs for prompt injection risks, excessive tool permissions, missing origin validation, and insecure patterns. Catches issues before they reach production.
Detects hardcoded API keys, passwords, tokens, and credentials in your codebase. Supports 200+ secret patterns including AWS, GitHub, Stripe, and OpenAI keys.
Generates a full STRIDE threat model from a description of your AI system. Returns attack vectors, trust boundary analysis, and compliance control mapping.
Analyzes system prompts and tool descriptions for injection vulnerabilities, jailbreak vectors, and unsafe instruction patterns.
Runs a fast security check on staged files before committing. Catches secrets and misconfigurations without leaving your terminal.
Scans agent skill files, CLAUDE.md, and .cursorrules for overprivileged instructions, unsafe patterns, and security anti-patterns.
Checks AI framework dependencies (LangChain, LlamaIndex, anthropic SDK, openai SDK) for known CVEs and vulnerable versions.
Create a free Arcwall account at arcwall.io/register. Your API key is shown after sign up.
Create free account →Add the Arcwall MCP server to your Claude Code, Cursor, or Windsurf config. Paste the snippet below into your MCP settings.
Ask Claude Code or Cursor to scan your MCP configuration: “Scan my MCP setup for security issues using Arcwall.” Results sync to your Arcwall dashboard.
Free forever. 50 scans per month. No credit card required.