Coming Soon

Protect Your MCP Servers
Before Threats Ship

SentriClaw scans MCP servers and AI agent tools for prompt injection, credential theft, and supply-chain attacks — 25 detection rules, real-time monitoring, and native Claude Code integration.

Join the Waitlist Learn More
sentriclaw
Capabilities

Security Built for the Agent Era

Six pillars protect your AI agent ecosystem from malicious tools, prompt injection, and supply-chain attacks.

Get Started

Up and Running in Minutes

When we launch, three steps to continuous security monitoring.

1

Install

pip install sentriclaw

One command. No config files, no Docker, no infrastructure.

2

Configure

sentriclaw watch --webhook $URL

Point it at your MCP servers and pass a webhook URL. Auto-discovers Claude, Cursor, VS Code, Windsurf, and Antigravity configs.

3

Protected

Watching 3 MCP servers...

Real-time filesystem monitoring with delta alerting. Only new threats trigger notifications.

Pricing

Free to Start. Built to Scale.

The full scanner will be free at launch. Join the waitlist to be first in line.

Under the Hood

25 Rules. 6 Categories. Full Coverage.

Every scan runs the full rule engine — deterministic, reproducible, no LLM variance.

7 rules

Content Analysis

Obfuscation, outbound URLs, shell execution, credential access, prompt injection, and data exfiltration.

5 rules

Structural Validation

YAML frontmatter, manifests, permission keys, suspicious file types, and oversized payloads.

3 rules

Permission Auditing

Disproportionate permissions, privilege escalation, and undeclared implicit access.

4 rules

IOC Matching

170k+ indicators — malicious publishers, domains, file hashes, and IP addresses. Fed by 6 live sources including URLhaus, ThreatFox, MalwareBazaar, and Feodo Tracker.

5 rules

MCP Server Scanning

Missing manifests, prompt injection in tool descriptions, excessive permissions, drift detection, and typosquatting.

1 rule Pro

ML Classification

DeBERTa-v3 deep learning classifier for sophisticated prompt injection that evades pattern matching.

Watch Daemon

OS-Native Events

FSEvents on macOS, inotify on Linux, ReadDirectoryChangesW on Windows. Near-instant detection, not polling.

Delta Alerting

Fingerprinted state file tracks known findings. Only new threats trigger notifications — no alert fatigue.

MCP Config Monitoring

Auto-watches Claude Desktop, Claude Code, Cursor, VS Code, Windsurf, and Antigravity MCP configs. New server added? Scanned immediately.

Notification Channels

Slack

Block Kit formatted alerts with severity, rule IDs, and evidence. Renders natively in any Slack channel.

Discord

Rich embeds with color-coded severity, inline fields, and timestamps. Designed for security channels.

Telegram

Bot API messages with Markdown formatting. Web preview disabled to prevent unfurling malicious URLs from findings.

Join the Waitlist

Be First When We Launch

Drop your info and we'll notify you as soon as SentriClaw is available.