Couple of quick questions. Are the security rules evaluated locally on the machine, or does it require an external API check before a tool call is allowed? How do you handle the balance between blocking unsafe commands and not getting in the developer's way with too many false alarms?
Security rules: There are 2 kinds of rules we check. One is checking for security advisories for components by looking up a centralized CVE database (osv.dev). This requires an API call. The other type of check we do is for "posture" (e.g., using http instead of https, using unpinned versions). This is completely local and doesn't require an API call.
Enforcement: Currently, the scanner works in informational mode, even in Claude Code. It shows you scan findings but doesn't block any tool calls or skill invocations. This is on our roadmap.
False positives: One of the things OpenACA does differently from the other skill/MCP scanners out there is that it doesn't run its own detection algorithm based on contents, which is a major source of false positives. Instead, OpenACA extracts the stable ID of the component and looks up an advisory database like osv.dev, which has known confirmed vulnerabilities.
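
The two kinds of checks described in the reply above, as an added sketch that is not OpenACA's code: a local posture pass (http instead of https, unpinned versions) and the request body an osv.dev `/v1/query` lookup would carry for a pinned package. The `mcpServers` config shape, the sample entries and all function names are assumptions made for illustration; nothing is sent over the network.

```python
import re

# Constructed sample config (assumed MCP-style shape, not OpenACA's own format).
SAMPLE_CONFIG = {
    "mcpServers": {
        "docs": {"url": "http://mcp.example.com/sse"},
        "files": {"command": "npx", "args": ["-y", "@example/files-server"]},
        "search": {"command": "npx", "args": ["-y", "@example/search-server@1.4.2"]},
        "tracker": {"command": "npx", "args": ["-y", "example-tracker@latest"]},
    }
}

# npm spec: optional "@scope/", package name, optional "@version".
NPM_SPEC = re.compile(r"^(?P<name>(?:@[\w.-]+/)?[\w.-]+)(?:@(?P<version>.+))?$")
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(?:[-+][\w.-]+)?$")

def npx_package(entry):
    """Return (spec, name, version) for the package an npx entry launches, else None."""
    if entry.get("command") != "npx":
        return None
    spec = next((a for a in entry.get("args", []) if not a.startswith("-")), None)
    m = NPM_SPEC.match(spec) if spec else None
    return (spec, m.group("name"), m.group("version")) if m else None

def is_pinned(version):
    """Only an exact x.y.z counts; tags like 'latest' and ranges do not."""
    return bool(version and EXACT_VERSION.match(version))

def posture_findings(config):
    """Local-only checks: plaintext transport and unpinned package versions."""
    findings = []
    for server, entry in config.get("mcpServers", {}).items():
        url = entry.get("url", "")
        if url.lower().startswith("http://"):
            findings.append((server, "insecure-transport", url))
        pkg = npx_package(entry)
        if pkg and not is_pinned(pkg[2]):
            findings.append((server, "unpinned-version", pkg[0]))
    return findings

def osv_queries(config):
    """Build osv.dev /v1/query bodies for exactly pinned npm packages (not sent)."""
    pkgs = (npx_package(e) for e in config.get("mcpServers", {}).values())
    return [{"package": {"name": p[1], "ecosystem": "npm"}, "version": p[2]}
            for p in pkgs if p and is_pinned(p[2])]
```

Only the pinned `search` entry produces an advisory query; the unpinned entries surface as posture findings instead, since there is no exact version to look up.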