Run AI agents in secure microVM sandboxes with network and privacy guardrails.
This MCP tool comes from an official source and is open source, with no clear red flags sufficient for a high-risk rating. However, the materials are very sparse, it requires API credentials, has code-execution capability, and does not clearly document network behavior, so it should be used with caution.
The materials show that DECLAW_API_KEY and DECLAW_DOMAIN are required. The API key is a sensitive credential and could enable unauthorized service access if exposed; the domain is also environment-configurable, so its source and allowed values should be tightly controlled.
The remote endpoint field says 'none', yet the presence of DECLAW_DOMAIN indicates the tool may communicate with a Declaw-related domain as configured. The materials do not clearly state what user data may be sent out or to which fixed hosts, so network transparency is limited and warrants caution.
The system flags executes-code, and the description mentions Firecracker microVM sandboxes, indicating the tool starts or manages isolated execution environments on the local machine. This is a normal high-privilege capability for such tools, so the effective system-resource access and isolation boundaries should be reviewed.
The description emphasizes sandboxing and guardrails for AI agents, but there is no README detailing which local files it can read, what directories may be mounted, or whether execution artifacts/logs are retained. There is no explicit evidence of overbroad access, but the data-access scope is insufficiently documented.
The source is an official registry entry and there is an auditable open-source repository with updates within the last year; these are strong risk-reducing factors. Although the README is absent, the license is unspecified, and community stars are low, the available evidence supports a low—not high—supply-chain risk rating.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "io.github.declaw-ai/mcp-server" MCP server from askskill: Run: claude mcp add 'io-github-declaw-ai-mcp-server' -- npx -y @declaw/mcp-server
Use declaw's Firecracker microVM sandbox to run this AI agent task: fetch the specified API docs and generate a summary; allow access only to api.example.com, block local filesystem access, and log all network requests.
A task result summary from the restricted environment, plus logs of network access and sandbox policy enforcement.
Before running a web-browsing agent, enable declaw's prompt injection defenses and PII protection; if page content tries to induce leakage of keys, emails, or customer data, block it immediately and provide an alert explanation.
An explanation of blocked risky behavior, the triggered guardrails, and recommendations for safe continuation.
Help me design a least-privilege network policy for a code review AI agent: allow access only to github.com and the internal artifact repository, deny all other outbound connections by default, and provide an example policy configuration I can apply directly.
A clear network allowlist policy, default-deny rules, and a practical configuration example.
Protect AI agents with scans for injections, leaks, risky URLs, and passwords.
Build, deploy, and operate secure, observable AI agent MCP infrastructure.
Provide signed, verifiable risk verdicts for every AI-driven payment action.
Provide controlled repository access for AI coding agents with redaction and audit logs.
Run commands, manage long jobs, and transfer files in AI sandboxes.
Add authorization, delegation, provenance, and audit controls to AI agents.