Starred repositories
Curated, community-vetted Claude Code plugin marketplace
Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review.
A secure* runtime for autonomous AI agents. Policy from plain-English constitutions. (*https://ironcurtain.dev)
OpenShell is the safe, private runtime for autonomous AI agents.
Agent Lattice: a knowledge graph for your codebase, written in markdown.
Your AI agent configs, skills, and instructions on every device.
API security testing framework for REST, GraphQL, and gRPC that validates authorization logic using role-based testing and YAML-driven templates
OBLITERATE THE CHAINS THAT BIND YOU
htop for your Claude Code sessions — real-time cost, cache efficiency, model comparison, and smart alerts
A hardware-aware Efficient Implementation for "Mixture-of-Depths Attention".
Contracts before code. Tests as law. Agents that can't cheat.
Protect against malicious code installed via npm, yarn, pnpm, npx, pnpx, pip, uv and poetry with Aikido Safe Chain. Free to use, no tokens required.
CredSweeper is a tool to detect credentials in any directories or files. CredSweeper could help users to detect unwanted exposure of credentials (such as tokens, passwords, API keys, etc.) in advance…
This repo gathers all available CVE exploits from GitHub.
Fast, zero-dependency credential testing tool in Go. Brute force SSH, MySQL, PostgreSQL, Redis, MongoDB, SMB, and 20+ protocols. Hydra alternative with native nerva/naabu pipeline integration.
PMG protects developers and AI agents from malicious open source packages using proxy, sandbox and SafeDep's threat intelligence feed.
Opinionated defaults, documentation, and workflows for Claude Code at Trail of Bits
Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities bef…
An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.
A complete security skill suite for OpenClaw and NanoClaw agents (and variants). Protect your SOUL.md (etc.) with drift detection, live security recommendations, automated audits, and skill integ…
A lightweight alternative to OpenClaw that runs in containers for security. Connects to WhatsApp, Telegram, Slack, Discord, Gmail and other messaging apps, has memory, scheduled jobs, and runs dir…
"🐈 nanobot: The Ultra-Lightweight Personal AI Agent"
IronClaw is an OpenClaw-inspired implementation in Rust focused on privacy and security
Open-source EDR for AI agents. Monitor processes, files, network, and behavior of autonomous AI agents.