Add MseeP.ai badge

[lwsinclair]

Hi there,

This pull request shares a security update on ClaraVerse.

We also have an entry for ClaraVerse in our directory, MseeP.ai, where we provide regular security and trust updates on your app.

We invite you to add our badge for your MCP server to your README to help your users learn from a third party that provides ongoing validation of ClaraVerse.

You can easily take control over your listing for free: visit it at https://mseep.ai/app/badboysm890-claraverse.

Yours Sincerely,

Lawrence W. Sinclair
CEO/SkyDeck AI
Founder of MseeP.ai
MCP servers you can trust

---

Here are our latest evaluation results of ClaraVerse

Security Scan Results

Security Score: 43/100

Risk Level: critical

Scan Date: 2025-08-31

Score starts at 100, deducts points for security issues, and adds points for security best practices

Detected Vulnerabilities

High Severity

• form-data
  • [{'source': 1106507, 'name': 'form-data', 'dependency': 'form-data', 'title': 'form-data uses unsafe random function in form-data for choosing boundary', 'url': 'https://github.com/advisories/GHSA-fjxv-7rqg-78g4', 'severity': 'critical', 'cwe': ['CWE-330'], 'cvss': {'score': 0, 'vectorString': None}, 'range': '>=4.0.0 <4.0.4'}]
  • Fixed in version: unknown

Medium Severity

• @eslint/plugin-kit

  • [{'source': 1106734, 'name': '@eslint/plugin-kit', 'dependency': '@eslint/plugin-kit', 'title': '@eslint/plugin-kit is vulnerable to Regular Expression Denial of Service attacks through ConfigCommentParser', 'url': 'https://github.com/advisories/GHSA-xffm-g5w8-qvg7', 'severity': 'low', 'cwe': ['CWE-1333'], 'cvss': {'score': 0, 'vectorString': None}, 'range': '<0.3.4'}]
  • Fixed in version: unknown

• external-editor

  • ['tmp']
  • Fixed in version: unknown

• inquirer

  • ['external-editor']
  • Fixed in version: unknown

• ... and 14 more medium severity vulnerabilities

Security Findings

Medium Severity Issues

• semgrep: Use of child_process.exec() with dynamic input detected. This can lead to command injection.

  • Location: electron/dockerSetup.cjs
  • Line: 1529

• semgrep: Use of child_process.exec() with dynamic input detected. This can lead to command injection.

  • Location: electron/llamaSwapService.cjs
  • Line: 5345

• ... and 4 more medium severity issues

This security assessment was conducted by MseeP.ai, an independent security validation service for MCP servers. Visit our website to learn more about our security reviews.

Summary by CodeRabbit

• Documentation
  • Added a security badge to the top of the README, providing a quick link to the project’s security status page for easier visibility and access.
  • Placement: inserted above the existing header block with appropriate spacing for readability.
  • No functional or content changes to the application; this is a presentational update to improve transparency and user confidence.

[netlify]

✅ Deploy Preview for clara-ollama ready!

Name	Link
🔨 Latest commit	d70df50
🔍 Latest deploy log	https://app.netlify.com/projects/clara-ollama/deploys/68b448686222f9000828e488
😎 Deploy Preview	https://deploy-preview-203--clara-ollama.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Walkthrough

Added a security badge link to MseeP.ai at the top of README.md, inserting a new line and a blank line above existing content. No other content changed.

Changes

Cohort / File(s)	Summary of edits
Docs README.md	Inserted a security badge line at the very top and added a following blank line; no existing content modified or removed.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

I pinned a badge with tidy cheer,
A shiny shield up front and clear.
Hop-hop! the README’s dressed just right—
One line added, crisp and bright.
Burrow secure, commit in tune,
Carrots and checks—review done soon. 🥕✨

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

README.md (1)

1-2: Place the badge with existing shields (or center it) and standardize the link markup.

• Consistency: Consider moving the badge into the centered shields block (around Lines 30–35) to match the README’s layout.
• If you keep it at the top, wrap it in a centered HTML block and add rel attributes for safety; also verify mseep.net is an official asset host for mseep.ai.

Option A — keep at top but center + add rel:

-[![MseeP.ai Security Assessment Badge](https://mseep.net/pr/badboysm890-claraverse-badge.png)](https://mseep.ai/app/badboysm890-claraverse)
-
+<p align="center">
+  <a href="https://mseep.ai/app/badboysm890-claraverse" rel="noopener noreferrer nofollow">
+    <img alt="MseeP.ai Security Assessment Badge" src="https://mseep.net/pr/badboysm890-claraverse-badge.png" />
+  </a>
+</p>

Option B — relocate with other shields (recommended):

-[![MseeP.ai Security Assessment Badge](https://mseep.net/pr/badboysm890-claraverse-badge.png)](https://mseep.ai/app/badboysm890-claraverse)
-

Then insert this next to the other badges (Lines 30–35 area):

[![MseeP.ai Security Assessment Badge](https://mseep.net/pr/badboysm890-claraverse-badge.png)](https://mseep.ai/app/badboysm890-claraverse)

Also consider adding a short “Security status” subsection noting this is an independent assessment and linking to the live report for context.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 27a89c4 and d70df50.

📒 Files selected for processing (1)

• README.md (1 hunks)