ProofAI

Pass

Audited by ClawScan on May 10, 2026.

Overview

ProofAI appears to do what it claims, but using it sends AI prompts/responses to a ProofAI/Supabase backend and uses service credentials, so users should treat submitted content as third-party data.

Install only if you trust the ProofAI npm package and backend service. Pin or verify the package where possible, protect the configured API keys, and do not certify or log sensitive prompts/responses unless your organization approves sending them to ProofAI and retaining them as audit evidence.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone with these keys may be able to use or access the associated ProofAI/Supabase service account according to the provider's permissions.

Why it was flagged

The MCP server uses ProofAI/Supabase credentials from environment variables and forwards them in API headers. This is expected for the service, but the credentials grant account/API access and should be protected.

Skill content

const API_KEY = process.env.PROOFAI_API_KEY || "";
const ANON_KEY = process.env.PROOFAI_ANON_KEY || "";
... headers["x-api-key"] = API_KEY;
... headers["Authorization"] = `Bearer ${ANON_KEY}`;

Recommendation

Use least-privilege keys if available, set them only for this MCP server, avoid sharing config files, and rotate keys if exposed.

What this means

Confidential prompts, responses, legal documents, source code, or business data submitted for certification may leave the local environment and become part of an external evidence record.

Why it was flagged

The skill sends full prompts and AI responses to an external Supabase-backed API for bundling/certification. This matches the product purpose, but it means submitted content may be stored or reused for audit/verification workflows.

Skill content

const API_BASE = process.env.PROOFAI_API_URL || "https://apzgbajvwzykygrxxrwm.supabase.co/functions/v1";
... callAPI("bundle", {
  ...
  promptContent: prompt,
  aiResponse: response,
  provider,
  model,
})

Recommendation

Submit only content you are allowed to upload to ProofAI, redact sensitive details where possible, and review the provider's retention, privacy, and deletion policies.

What this means

A future npm package update or package-name confusion could change what code is installed or executed.

Why it was flagged

The setup pulls an MCP server package from npm using npx without pinning an exact version. This is normal MCP installation plumbing, but package provenance and version drift matter.

Skill content

"command": "npx",
"args": ["-y", "@proofai/mcp-server"]

Recommendation

Install from a verified package source, consider pinning an exact version, and compare the npm package with the linked repository before use.

What this means

A user could over-rely on the tool's output for legal or regulatory compliance without independent review.

Why it was flagged

The skill makes strong compliance and assurance claims. The artifacts show an API-backed certification workflow, but users should not treat those claims as independent legal or regulatory validation.

Skill content

Cryptographic proof that AI thought before it answered. EU AI Act Article 12 compliant.

Recommendation

Use the tool as supporting evidence only, and have compliance/legal staff validate whether its records satisfy your actual obligations.