Claude Skill
Nova-Hunting/nova-proximity
Nova-Proximity 是一款基于 Python 的 MCP 和 Claude Skill 环境安全扫描器,由 NOVA 框架驱动,用于识别 AI 代理生态系统中的漏洞。
概览
仓库信息
安装这个 Skill
git clone https://github.com/fr0gger/nova-proximity.gitRegistry 信息
git clone https://github.com/fr0gger/nova-proximity.gitpip install -r requirements.txtpip install nova-hunting
项目简介
Nova-Proximity 是一款针对 MCP(模型上下文协议)和 Claude Skill 环境的安全扫描器,由 NOVA 框架驱动。它帮助识别这些 AI 代理生态系统中潜在的安全漏洞。
Nova-Proximity is a MCP and Agent Skills security scanner powered with NOVA
要点
- 针对 MCP 和 Claude Skill 环境的安全扫描器
- 由 NOVA 框架驱动
- 识别 AI 代理生态系统中的潜在漏洞
- 使用 Python 编写
使用场景
- MCP 实现的安全审计
- Claude Skill 部署的漏洞扫描
- AI 代理生态系统安全评估
- AI 工具的主动安全监控
README 摘要
# Nova Proximity - MCP and Skills Security Scanner <div align="center"> ``` ███╗ ██╗ ██████╗ ██╗ ██╗ █████╗ ██████╗ ██████╗ ██████╗ ██╗ ██╗ ████╗ ██║██╔═══██╗██║ ██║██╔══██╗ ██╔══██╗██╔══██╗██╔═══██╗╚██╗██╔╝ ██╔██╗ ██║██║ ██║██║ ██║███████║ ██████╔╝██████╔╝██║ ██║ ╚███╔╝ ██║╚██╗██║██║ ██║╚██╗ ██╔╝██╔══██║ ██╔═══╝ ██╔══██╗██║ ██║ ██╔██╗ ██║ ╚████║╚██████╔╝ ╚████╔╝ ██║ ██║ ██║ ██║ ██║╚██████╔╝██╔╝ ██╗ ╚═╝ ╚═══╝ ╚═════╝ ╚═══╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ``` A security scanner for MCP (Model Context Protocol) servers and Agent Skills [](https://python.org) [](LICENSE) [](https://github.com/fr0gger/nova-proximity) [](https://twitter.com/fr0gger_) </div> ## Overview Nova Proximity scans MCP (Model Context Protocol) servers and Agent Skills to discover tools, prompts, and resources. It provides detailed analysis of server capabilities and security evaluation using NOVA rules to detect potential security issues like prompt injection, jailbreak attempts, and suspicious code patterns. ### Key Features - **MCP Server Scanning**: Discover tools, prompts, and resources with full parameter analysis - **Agent Skills Analysis**: Comprehensive skill overview, structure, permissions, and security - **NOVA Security Rules**: Pattern-based security analysis with LLM evaluation - **MCP Spec 2025-11-25**: Full support including Streamable HTTP, session management, and tool annotations - **Pattern-Specific Remediation**: Actionable guidance for each security findi
话题
暂无话题