Search everything...

Stats

Actions

Available In

repo-forensics

Name: repo-forensics
Author: alexgreensh

By alexgreensh

Audits AI-agent repositories, skills, plugins, and MCP servers for security threats like prompt injection, credential theft, and CVEs, with cross-ecosystem risk analysis and automated scanning on session start and before/after Bash tool calls.

npx claudepluginhub alexgreensh/repo-forensics --plugin repo-forensics

Popularity

Stars

Top 10%

107

Med: 0·Avg: 285

Installs

Med: 0·Avg: 1

What's Inside

Skills2

Forensify

/forensify

The agent stack you have already installed is your biggest blind spot.

repo-forensics

/repo-forensics

Security forensics for git repos, AI skills, and MCP servers. Audits dependencies, detects prompt injection, credential theft, runtime dynamism, manifest drift, known CVEs, CISA KEV (actively exploited) vulns, and 2026 attack patterns. Not for fixing vulnerabilities or pentesting.

Hooks1

Event Hooks

Bash

4 hooks across 3 events

Stats

Version2.11.1

ReleasedJun 17, 2026

LanguagePython

Stars107

Forks17

MaintenanceExcellent

LicensePolyForm-Noncommercial-1.0.0

Last CommitJun 17, 2026

AddedApr 2, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Available In

alexgreensh-repo-forensics107

Safety Signals

Caution

Executes bash commands

Hook triggers when Bash tool is used

README

Repo Forensics v2

Repo Forensics

npm audit for AI-agent plugins, skills, and MCP servers.

Audit untrusted repos before they touch your agent. Fully local, self-updating detection, zero dependencies, zero telemetry.

Install

Claude Code (auto-scan on install)

/plugin marketplace add alexgreensh/repo-forensics
/plugin install repo-forensics@alexgreensh-repo-forensics

Hooks auto-wire on install. Every git clone, npm install, pip install is scanned automatically. Known-malicious packages are blocked before execution.

Codex CLI (auto-scan on install)

Install the plugin via the Codex marketplace. Hooks auto-wire from plugin.json. Same three hooks as Claude Code: PreToolUse (IOC gate), PostToolUse (auto-scan), SessionStart (security scan).

codex plugin marketplace add .
codex plugin add repo-forensics@alexgreensh-repo-forensics

For a local checkout/manual wire-up:

python3 scripts/codex_install.py
# restart Codex, then prove Codex registered the hooks
python3 scripts/codex_install.py --verify --require-registered

Codex v0.137+ inventory uses codex plugin list --json when available, falling back to filesystem manifests on older installs.

OpenClaw (one-time setup)

Install the plugin, then wire hooks:

python3 scripts/openclaw_install.py

View full README on GitHub

repo-forensics

Popularity

What's Inside

Confidence

README

Repo Forensics

npm audit for AI-agent plugins, skills, and MCP servers.

Install

Similar Plugins

everything-claude-code

cc-polymath

ecc

More by alexgreensh

token-optimizer

Repo Forensics

npm audit for AI-agent plugins, skills, and MCP servers.

Install

Popularity

Health & Quality

More by alexgreensh

token-optimizer

Similar Plugins

everything-claude-code

cc-polymath

ecc