io.github.AperionAI/shield

MCPcommunity
v1.0.1io.github.AperionAIUnknownUpdated 22d agoGitHub

Local guardrail proxy that blocks destructive MCP tool calls, rug pulls, and tool poisoning

is a tiny, local MCP guardrail that sits between your AI coding agent (Cursor, Claude Code, …) and the real MCP servers your agent talks to (postgres, github, shell, filesystem, …) — local stdio servers and, since v0.9, remote Streamable HTTP ones. On every it evaluates 50+ adaptive safety rules (plus an optional 40-rule community pack) across eight destructive surfaces — SQL, git, filesystem,…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
22d agoLast update
Package
Authorio.github.AperionAI
LicenseUnknown
Version1.0.1
Sourcemcp-registry
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · not run+0/30
Not yet scanned — package must be on npm
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
DependenciesNot audited
Tool surface
Security scan✓ CleanvHEAD · 19d ago
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

is a tiny, local MCP guardrail that sits between your AI coding agent (Cursor, Claude Code, …) and the real MCP servers your agent talks to (postgres, github, shell, filesystem, …) — local stdio servers and, since v0.9, remote Streamable HTTP ones. On every it evaluates 50+ adaptive safety rules (plus an optional 40-rule community pack) across eight destructive surfaces — SQL, git, filesystem, secrets exfiltration, supply-chain RCE, reverse shells, sudo / privilege escalation, cloud…

Keywords
mcp