AIShield
Scans MCP servers and AI tools for security risks, providing 4-dimensional scoring and badges, with optional guardrail MCP for auto-protection.
README
<div align="center">
🛡️ AIShield
Agent-Native AI Tool Security Scanner
Scan MCP servers, AI skills, GPTs, and prompts for security risks. 4-dimensional scoring. Certified badges. Guardrail MCP for auto-protection.
</div>
🚀 Quick Start
1. MCP Server (Claude Desktop / Cursor)
{
"mcpServers": {
"aishield": {
"command": "npx",
"args": ["aishield-mcp"]
}
}
}
2. Python SDK
pip install aishield
from aishield import AIShield
shield = AIShield()
result = shield.scan("https://github.com/modelcontextprotocol/servers")
print(result.overall_score) # 85
print(result.badge_level) # "gold"
3. Guardrail MCP (Auto-protection)
{
"mcpServers": {
"aishield-guardrail": {
"command": "npx",
"args": ["aishield-guardrail"],
"env": {
"AISHIELD_API_KEY": "your-key"
}
}
}
}
Put aishield-guardrail FIRST in your config. It intercepts all tool installs and blocks unsafe ones.
4. GitHub Action
- uses: aishield/audit@v1
with:
api_key: ${{ secrets.AISHIELD_KEY }}
fail_on_risk: true
🛡️ What AIShield Scans
| Category | Detection |
|---|---|
| Tool Poisoning | Hidden adversarial instructions in tool descriptions |
| Prompt Injection | Malicious prompts that hijack agent behavior |
| Command Execution | child_process, subprocess, os.system |
| Data Exfiltration | Unauthorized network calls, telemetry |
| Credential Leaks | Hardcoded API keys, tokens, passwords |
| Dangerous APIs | File system, network, shell, database access |
| Supply Chain | Malicious dependencies, typosquatting |
| Code Quality | Error handling, input validation, docs |
📊 Scoring
4-dimensional scoring (0-100):
| Dimension | Weight | What it measures |
|---|---|---|
| Security | 40% | Code vulnerabilities, dangerous APIs |
| Privacy | 25% | Data exfiltration, telemetry |
| Quality | 20% | Code quality, documentation |
| Performance | 15% | Resource usage, efficiency |
Badges: 🥇 Gold (≥85) | 🥈 Silver (≥70) | 🥉 Bronze (≥55)
📦 Packages
| Package | Install | Description |
|---|---|---|
aishield-mcp |
npx aishield-mcp |
MCP Server for Claude/Cursor |
aishield-guardrail |
npx aishield-guardrail |
Guardrail MCP (auto-block unsafe tools) |
aishield |
pip install aishield |
Python SDK |
| GitHub Action | uses: aishield/audit@v1 |
CI/CD integration |
| Claude Skill | Plugin install | Claude Code skill |
🔌 API
Submit Audit
curl -X POST https://aishield.ai/api/v1/audit \
-H "Content-Type: application/json" \
-H "X-API-Key: your-key" \
-d '{
"tool_type": "mcp",
"source_url": "https://github.com/user/repo",
"name": "my-mcp-server"
}'
Get Result
curl https://aishield.ai/api/v1/audit/{audit_id}
Get Badge
Endpoints
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/v1/audit |
Submit audit |
| GET | /api/v1/audit/{id} |
Get audit result |
| GET | /api/v1/tools |
List scanned tools |
| GET | /api/v1/stats |
Global statistics |
| GET | /api/v1/badge-name/{name} |
SVG badge |
| GET | /api/v1/pricing |
Pricing info |
| POST | /api/v1/keys |
Create API key |
| GET | /api/v1/health |
Health check |
💰 Pricing
| Tier | Price | Scans/Day | Features |
|---|---|---|---|
| Free | ¥0 | 5 | Basic scanning, badge |
| Pro | ¥29/month | 200 | Priority queue, batch scan |
| Enterprise | ¥199/month | Unlimited | Custom rules, SSO, SLA |
| Pay-per-scan | ¥1/scan | - | One-time |
Get API key: https://aishield.ai/pricing
🏗️ Architecture
Agent (Claude/Cursor/Cline)
↓ installs MCP tool
Guardrail MCP intercepts
↓ calls AIShield API
AIShield Scanner
├── Static Analysis (30+ regex rules)
├── Dependency Analysis (npm/PyPI)
├── Secrets Detection
└── Semantic Analysis (AI-powered)
↓ returns 4D score + badge
Agent shows result to user
✅ Approved → install
🚫 Blocked → warn user
📈 Roadmap
- [x] MCP Server (stdio)
- [x] Python SDK
- [x] GitHub Action
- [x] Guardrail MCP
- [x] 4-dimensional scoring
- [x] Certified badges
- [ ] OWASP MCP Top 10 alignment
- [ ] Tool Poisoning deep detection
- [ ] Rug Pull detection (git diff monitoring)
- [ ] MCP Trust Framework (MTF) scoring
- [ ] Real-time handshake verification
- [ ] Batch scan 1000+ tools
- [ ] Industry security report
📄 License
MIT © AIShield
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.