ProofAI

Pass. Audited by VirusTotal on May 10, 2026.

Overview

Type: OpenClaw Skill
Name: proofai
Version: 1.0.1

The bundle implements an MCP server for 'ProofAI,' a tool designed to provide cryptographic and blockchain-based certification for AI decisions. The code (src/index.ts) functions as a wrapper for a Supabase-hosted API (apzgbajvwzykygrxxrwm.supabase.co), facilitating data compression, execution, analysis, and anchoring to the Polygon blockchain. While the tool sends prompt and response data to an external endpoint and requires API keys, this behavior is explicitly aligned with its stated purpose of AI compliance and auditing. No evidence of malicious exfiltration, unauthorized command execution, or harmful prompt injection was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone with these keys may be able to use or access the associated ProofAI/Supabase service account according to the provider's permissions.

Why it was flagged

The MCP server uses ProofAI/Supabase credentials from environment variables and forwards them in API headers. This is expected for the service, but the credentials grant account/API access and should be protected.

Skill content

const API_KEY = process.env.PROOFAI_API_KEY || "";
const ANON_KEY = process.env.PROOFAI_ANON_KEY || "";
... headers["x-api-key"] = API_KEY;
... headers["Authorization"] = `Bearer ${ANON_KEY}`;

Recommendation

Use least-privilege keys if available, set them only for this MCP server, avoid sharing config files, and rotate keys if exposed.

What this means

Confidential prompts, responses, legal documents, source code, or business data submitted for certification may leave the local environment and become part of an external evidence record.

Why it was flagged

The skill sends full prompts and AI responses to an external Supabase-backed API for bundling/certification. This matches the product purpose, but it means submitted content may be stored or reused for audit/verification workflows.

Skill content

const API_BASE = process.env.PROOFAI_API_URL || "https://apzgbajvwzykygrxxrwm.supabase.co/functions/v1";
... callAPI("bundle", {
  ...
  promptContent: prompt,
  aiResponse: response,
  provider,
  model,
})

Recommendation

Submit only content you are allowed to upload to ProofAI, redact sensitive details where possible, and review the provider's retention, privacy, and deletion policies.

What this means

A future npm package update or package-name confusion could change what code is installed or executed.

Why it was flagged

The setup pulls an MCP server package from npm using npx without pinning an exact version. This is normal MCP installation plumbing, but package provenance and version drift matter.

Skill content

"command": "npx",
"args": ["-y", "@proofai/mcp-server"]

Recommendation

Install from a verified package source, consider pinning an exact version, and compare the npm package with the linked repository before use.

What this means

A user could over-rely on the tool's output for legal or regulatory compliance without independent review.

Why it was flagged

The skill makes strong compliance and assurance claims. The artifacts show an API-backed certification workflow, but users should not treat those claims as independent legal or regulatory validation.

Skill content

Cryptographic proof that AI thought before it answered. EU AI Act Article 12 compliant.

Recommendation

Use the tool as supporting evidence only, and have compliance/legal staff validate whether its records satisfy your actual obligations.