
Server Configuration

Describes the environment variables required to run the server.

Name | Required | Description | Default

No arguments

Capabilities

Features and capabilities supported by this server

Capability | Details
tools | { "listChanged": true }
logging | {}
prompts | { "listChanged": false }
resources | { "subscribe": false, "listChanged": false }
extensions | { "io.modelcontextprotocol/ui": {} }
experimental | {}

Tools

Functions exposed to the LLM to take actions

Name | Description
scan_content

Scan raw text content for AVE security vulnerabilities.

Use this to check skill file content, system prompts, MCP tool descriptions, or any agentic AI component before using it.

Returns findings with AVE IDs, AIVSS severity scores, OWASP MCP categories, and links to full remediation guidance. Also detects toxic flows where two findings combine into a complete attack chain.

scan_server_card

Fetch and scan an MCP server-card for security vulnerabilities.

Fetches .well-known/mcp.json from the given server URL and scans all tool descriptions, parameter descriptions, and config schemas for AVE vulnerabilities before your agent connects.

This is the primary tool to run before adding any MCP server to your configuration. A poisoned server-card injects behavioral instructions at the discovery layer, before any tool call is made.

scan_creds

Credential-focused scan of skill file content.

Filters to AVE-2026-00047 (hardcoded credentials) and related rules only. Detects API keys, tokens, passwords, private keys, and URL-embedded credentials.

Use this when you specifically want to check whether a skill file contains hardcoded secrets before adding it to your agent config.

scan_chain

Delegation chain scan of skill file content.

Filters to AVE-2026-00048 (unsafe agent delegation) and related rules. Detects sub-agent spawning with inherited permissions and missing trust boundaries.

Use this when evaluating a skill that spawns sub-agents or delegates tasks to other agents.

accept_finding

Insert a justified suppression comment into a skill file.

Marks a finding as a false positive or accepted risk with a documented reason, reviewer, and optional expiry date. The suppression is written directly into the file as a structured comment that lives in version control and shows up in PR reviews.

Accepted risks with an expiry date automatically resurface as active findings on the next scan after the expiry date passes.

check_conformance

Score an MCP server manifest against the MCP specification.

Runs 18 checks across 3 tiers (REQUIRED, RECOMMENDED, BEST PRACTICE) and returns a grade from A+ to F. A server is conformant when all REQUIRED checks pass.

lookup_ave

Get the full AVE record for a specific vulnerability ID.

Returns the complete record including title, description, AIVSS score, behavioral fingerprint, indicators of compromise, OWASP MCP mapping, and remediation steps.

search_ave

Search AVE records by keyword.

Searches across AVE ID, title, attack class, description, and behavioral fingerprint. Returns matching records with severity, AIVSS score, and a link to the full record.

list_ave

List AVE records with optional filters.

Use this to browse the full AVE database or filter by severity, component type, or OWASP MCP category.

check_pins

Check a directory for skill file rug pull drift.

Compares current SHA-256 hashes of skill files against the pins stored in .bawbel-pins.json. Reports any files that changed after the last audit.

Run bawbel pin from the CLI to create the initial pin file.

Prompts

Interactive templates invoked by user choice

Name | Description

No prompts

Resources

Contextual data attached and managed by the client

Name | Description
ave_stats | Current AVE database statistics from PiranhaDB.

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/bawbel/bawbel-mcp'
