Disclaimer
Last updated: February 2026
No Professional Security Advice
ClawSecurity is an automated security scanning tool. It is not a substitute for professional security audits, penetration testing, or expert security consultation. The results provided by ClawSecurity should be used as one input among many in your security assessment process.
Best-Effort Results
Scan results are generated on a best-effort basis using open-source security engines (Semgrep, Trivy, osv-scanner) and custom detection rules. No automated scanner can detect all vulnerabilities. False positives and false negatives may occur. You should not rely solely on ClawSecurity for your security posture.
Remediation Patches
Remediation patches generated by ClawSecurity are suggestions only. They may introduce new bugs, break functionality, or be incomplete. Always review patches in a development environment, run your test suite, and validate changes before deploying to production. You apply all patches at your own risk.
No Guarantee of Completeness
A clean scan does not mean your codebase is free of vulnerabilities. Security is an ongoing process that requires multiple layers of defense, regular audits, and continuous monitoring. ClawSecurity is one tool in your security toolkit, not a comprehensive solution.
Use at Your Own Risk
By using ClawSecurity, you acknowledge and agree that you use the Service entirely at your own risk. You are solely responsible for any consequences resulting from your use of scan results, remediation patches, or any other output of the Service. You agree to indemnify and hold harmless ClawSecurity and its contributors from any claims, damages, or liability arising from your use of this Service.