/ Каталог / Песочница / repo-forensics
← Все серверы ↗ GitHub
● Сообщество alexgreensh ⚡ Сразу

repo-forensics

автор alexgreensh · alexgreensh/repo-forensics

18 defensive scanners that vet a repo, skill, MCP server, or plugin for prompt injection, secrets, lifecycle hooks, typosquats, and tamper traces before you install.

Repo-forensics is a defensive audit tool aimed at the 'nobody does it' problem: vetting third-party code before installing it with full system access. 18 parallel scanners cover runtime dynamism, manifest drift, prompt-injection in SKILL.md, MCP tool poisoning, DAST of hook scripts, secrets, SAST, AST analysis, dependency typosquats, lifecycle hooks, entropy payloads, IaC misconfigs, binary disguises, post-incident traces, and git-commit spoofing. Zero deps.

▶ Смотреть демо 📦 Установить 💡 Сценарии

Зачем использовать

Ключевые функции

Живое демо

Как выглядит на практике

repo-forensics-skill.replay ▶ готово
0/0

Установка

Выберите клиент

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "repo-forensics-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/alexgreensh/repo-forensics",
        "~/.claude/skills/repo-forensics"
      ],
      "_inferred": true
    }
  }
}

Откройте Claude Desktop → Settings → Developer → Edit Config. Перезапустите после сохранения.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "repo-forensics-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/alexgreensh/repo-forensics",
        "~/.claude/skills/repo-forensics"
      ],
      "_inferred": true
    }
  }
}

Cursor использует ту же схему mcpServers, что и Claude Desktop. Конфиг проекта приоритетнее глобального.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "repo-forensics-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/alexgreensh/repo-forensics",
        "~/.claude/skills/repo-forensics"
      ],
      "_inferred": true
    }
  }
}

Щёлкните значок MCP Servers на боковой панели Cline, затем "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "repo-forensics-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/alexgreensh/repo-forensics",
        "~/.claude/skills/repo-forensics"
      ],
      "_inferred": true
    }
  }
}

Тот же формат, что и Claude Desktop. Перезапустите Windsurf для применения.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "repo-forensics-skill",
      "command": "git",
      "args": [
        "clone",
        "https://github.com/alexgreensh/repo-forensics",
        "~/.claude/skills/repo-forensics"
      ]
    }
  ]
}

Continue использует массив объектов серверов, а не map.

~/.config/zed/settings.json
{
  "context_servers": {
    "repo-forensics-skill": {
      "command": {
        "path": "git",
        "args": [
          "clone",
          "https://github.com/alexgreensh/repo-forensics",
          "~/.claude/skills/repo-forensics"
        ]
      }
    }
  }
}

Добавьте в context_servers. Zed перезагружается автоматически.

claude mcp add repo-forensics-skill -- git clone https://github.com/alexgreensh/repo-forensics ~/.claude/skills/repo-forensics

Однострочная команда. Проверить: claude mcp list. Удалить: claude mcp remove.

Сценарии использования

Реальные сценарии: repo-forensics

Audit a third-party skill before you clone it into ~/.claude/skills

👤 Anyone installing skills from strangers on GitHub ⏱ ~15 min beginner

Когда использовать: Someone sent you a cool-looking skill link. Before clone, you want to know if it's safe.

Предварительные требования
  • repo-forensics installed — git clone https://github.com/alexgreensh/repo-forensics ~/.claude/skills/repo-forensics
Поток
  1. Point at the target repo URL
    Use repo-forensics. Scan https://github.com/<author>/<skill> with the skill_threats, secrets, dataflow, and lifecycle scanners. Report findings.✓ Скопировано
    → Per-scanner report with severity flags
  2. Read correlated findings
    Any correlations across scanners — e.g. a secret-leak path plus a lifecycle hook?✓ Скопировано
    → Correlation summary

Итог: A go / no-go decision grounded in scanner output, not vibes.

Подводные камни
  • Trusting a green scan as full proof of safety — Scanners are strong floor, not a ceiling — still read SKILL.md
Сочетать с: github · filesystem

Audit an MCP server for tool poisoning and rug-pull patterns

👤 Teams onboarding a new MCP into a production agent stack ⏱ ~20 min intermediate

Когда использовать: Before adding a new MCP server to an agent with real permissions.

Поток
  1. Run MCP-focused scanners
    Scan this MCP server repo with mcp_security, skill_threats, integrity, and dast.✓ Скопировано
    → Findings focused on tool descriptions and install scripts
  2. Check git history for identity spoofing
    Run git_forensics on the same repo — any spoofed commits?✓ Скопировано
    → Author / signing analysis

Итог: An MCP security dossier before you wire it into your agent.

Run post-incident scanners after a suspicious install

👤 Anyone who just ran npm/pip install and feels uneasy ⏱ ~15 min intermediate

Когда использовать: Install finished with unexpected behavior; you want to know if something landed.

Поток
  1. Run post_incident + entropy scans
    Run post_incident scanner on ~/.npm and the current project. Also entropy scan the installed packages.✓ Скопировано
    → Flags for suspicious cached artifacts or encoded payloads

Итог: Evidence of whether to rotate secrets and rebuild.

Подводные камни
  • Running scans from the potentially-compromised shell — Run from a fresh shell or another machine when in doubt

Комбинации

Сочетайте с другими MCP — эффект x10

repo-forensics-skill + github

Pull a PR's diff and scan only the added files

Fetch PR #123 and run repo-forensics just on the files it adds.✓ Скопировано
repo-forensics-skill + filesystem

Scan a locally cloned repo and save a JSON report

Scan ./suspicious-repo and write findings.json next to it.✓ Скопировано

Инструменты

Что предоставляет этот MCP

ИнструментВходные данныеКогда вызыватьСтоимость
skill_threats repo path Any skill audit 0
mcp_security repo path MCP audits 0
secrets repo path Always 0
dataflow repo path Suspicious egress concerns 0
lifecycle repo path Pre-install 0
git_forensics repo path Checking maintainer identity 0
entropy repo path Obfuscation suspected 0
sast repo path General code risk 0

Стоимость и лимиты

Во что обходится

Квота API
None
Токенов на вызов
Moderate — scanner output summarization can grow
Деньги
Free
Совет
Run only the scanners relevant to the threat model (skills → skill_threats; MCP → mcp_security)

Безопасность

Права, секреты, радиус поражения

Хранение учётных данных: None — scanner is read-only
Исходящий трафик: Local-only by default
Никогда не давайте: Write access to the repo under audit

Устранение неполадок

Частые ошибки и исправления

Scanner reports 0 findings on obviously sketchy repo

Ensure you ran against the full repo path, not a subset; check scanner selection

Проверить: repo-forensics list-scanners
False positives flood the report

Filter by severity; focus on high/critical; use correlation to prioritize

Альтернативы

repo-forensics в сравнении

АльтернативаКогда использоватьКомпромисс
claude-cybersecurityYour code needs OWASP-style app security review rather than supply-chain vettingDifferent focus — app logic vs install-time threats
gitleaks / trufflehogYou only need secret scanningSingle-scanner, not correlation

Ещё

Ресурсы

📖 Читать официальный README на GitHub

🐙 Открытые задачи

🔍 Все 400+ MCP-серверов и Skills