HarmonicSecurity

HarmonicSecurity / claudit-sec

Public

Security audit tool for Claude Desktop and Claude Code on macOS — single-command visibility into MCP servers, extensions, plugins, connectors, scheduled tasks, and permissions.

ai-security audit-tool claude claude-ai claude-code
13
0
100% credibility
Found Mar 20, 2026 at 13 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Shell
AI Summary

A read-only security auditing tool for Claude Desktop on macOS that examines AI agent configurations, extensions, plugins, scheduled tasks, and related settings to highlight potential risks.

How It Works

1
🔍 Discover CLAUDIT

While checking on your AI assistant's safety on Mac, you find this simple security checker tool.

2
📱 Visit the page

Go to the tool's homepage on the web to learn more about keeping your settings secure.

3
💾 Download it

Save the tool's folder to your Mac's downloads with one click from the page.

4
📁 Open the folder

Unzip and move into the new folder where the checker lives on your computer.

5
🚀 Start the check

Run the easy checker to scan your AI assistant's hidden settings and risks.

6
📊 See your report

Get a colorful list showing what's safe, what to watch, and tips for better security.

Stay secure

Now you have full visibility into your AI setup and can make smart choices confidently.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 13 to 13 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is claudit-sec?

Claudit-sec is a Shell script that runs a read-only security audit on Claude Desktop and Claude Code setups on macOS, scanning MCP servers, extensions, plugins, connectors, scheduled tasks, and permissions with one command. It pulls visibility into scattered JSON configs for AI agents and autonomous features that lack a central dashboard, spitting out color-coded terminal reports, HTML exports, or JSON for SIEM tools. Built around jq for parsing, it redacts secrets automatically.

Why is it gaining traction?

Unlike generic github security scanning or broad security audit software, this nails Claude-specific risks like cron-scheduled AI tasks, OAuth connectors, and plugin hooks that could execute shell commands. Developers grab it for the zero-setup install, multi-user root scans, and quiet mode that filters to WARN/CRITICAL only—perfect for quick github security advisories-style checks on AI endpoints. The standalone HTML reports and structured JSON make it dead simple to integrate into security audit logs or compliance workflows.

Who should use this?

Mac admins deploying Claude Desktop across teams via MDM or Jamf need it for fleet-wide audits spotting unsigned extensions or risky MCP servers. Security auditors reviewing AI enablement in orgs will value the findings on disabled tools and runtime processes. Devs tinkering with Claude's CoWork or skills on personal Macs get fast insight before enabling browser control or web search.

Verdict

Grab it if you're auditing Claude on macOS—solid user-facing features and docs outweigh the 1.0% credibility score and 13 stars signaling early maturity. Run it now for peace of mind, but watch for broader platform support as it grows.

(187 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.