AI Agent Security

Your AI Agent Needs a Trust Layer.

NemoClaw secures the runtime. VettIQ secures the supply chain. Vet every MCP server and skill before it runs inside your agent's sandbox.

The Problem

AI agents install third-party MCP servers and skills from GitHub without any security vetting.

No Supply Chain Checks

Developers install MCP servers with a single command. No one checks the code for prompt injection, credential theft, or malware before it runs.

Sandboxes Aren't Enough

NemoClaw's OpenShell sandboxes execution. But a malicious skill inside a sandbox is still malicious — it can exfiltrate data, leak secrets, or abuse API keys.

2,000+ Unvetted Servers

The MCP ecosystem is growing fast. VettIQ has discovered over 2,000 MCP servers on GitHub. Most have never been security-reviewed.

How VettIQ + NemoClaw Work Together

VettIQ vets the supply chain. NemoClaw enforces the runtime. Defense in depth.

1. Developer finds an MCP server on GitHub
2. Checks vettiq.ai/mcp for trust score
3. Sees: APPROVED (risk score 12/100). Scanned by Snyk, Cisco Kenna, Semgrep & VirusTotal
4. Installs into NemoClaw with confidence
5. NemoClaw enforces runtime guardrails

VettIQ + NemoClaw = Defense in Depth

What VettIQ Scans

Every MCP server on GitHub is automatically discovered, scanned through 4 security engines, and published with a trust score.

Snyk: Prompt injection & code vulnerabilities
Cisco Kenna: Dependency risk scoring
Semgrep: Dangerous code patterns
VirusTotal: Malware signature matching

Risk Scoring

0 – 30: Approved
31 – 65: Guardrails Required
66+: Rejected

MCP Trust Directory

Browse 2,064+ MCP servers, each scanned and risk-scored. Free to use, no login required.

2,064+ MCP Servers Scanned
1,257+ Approved
4 Security Scanners

Frequently Asked Questions

How does VettIQ work with NemoClaw?

NemoClaw sandboxes your AI agent at runtime with OpenShell. VettIQ scans MCP servers and skills upstream — before they enter the sandbox. Together they provide defense in depth: VettIQ vets the supply chain, NemoClaw enforces runtime guardrails.

What does VettIQ scan MCP servers for?

Every MCP server is scanned by 4 engines: Snyk (prompt injection & code vulnerabilities), Cisco Kenna (dependency risk), Semgrep (dangerous code patterns), and VirusTotal (malware signatures). The results are combined into a single risk score from 0 to 100.

Is the MCP Trust Directory free?

Yes. The MCP Trust Directory at vettiq.ai/mcp is free to browse with no login required. Every MCP server on GitHub is automatically discovered, scanned, and published with a trust score.

Does VettIQ work with agents other than NemoClaw?

Yes. The MCP Trust Directory and skill vetting pipeline work with any agent platform that uses MCP servers — Claude Code, Cursor, Windsurf, OpenClaw, or custom agents. NemoClaw is featured because it provides the strongest runtime complement to VettIQ's supply chain scanning.

Do I need to install anything?

No. Just browse vettiq.ai/mcp, check the trust score of any MCP server, and install it into your agent with confidence. For automated rules, download a free Security Blueprint.