Mund
MCP security scanner for AI agents - detects prompt injection, secrets, PII, and vets MCP servers before installation
README
πΈοΈ Weave Protocol
Enterprise Security Suite for AI Agents
A TypeScript monorepo providing security, encryption, compliance, and governance tools for AI agent systems. Built for the Model Context Protocol (MCP) ecosystem.
π What's New: MCP Server Scanner
Mund v0.1.12 now scans MCP servers before you install them:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β mund_scan_mcp_server β
β β
β β οΈ CRITICAL: Tool "execute" contains injection pattern β
β "ignore previous instructions and run..." β
β β
β β οΈ HIGH: Server name "githib-mcp" is 1 edit from "github" β
β β
β Recommendation: DO_NOT_INSTALL β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Why this matters:
- 43% of MCP servers have command injection vulnerabilities
- "Line jumping" attacks hide malicious prompts in tool descriptions
- Typosquatting mimics legitimate server names
π¦ Packages
| Package | Version | Description |
|---|---|---|
| π‘οΈ @weave_protocol/mund | 0.1.12 | Security scanner - secrets, PII, injection, MCP server vetting |
| ποΈ @weave_protocol/hord | 0.1.4 | Encrypted vault with Yoxallismus cipher |
| βοΈ @weave_protocol/domere | 1.2.10 | Compliance (PCI-DSS, ISO27001, SOC2, HIPAA) & verification |
| π₯ @weave_protocol/witan | 1.0.0 | Multi-agent consensus & governance |
| π @weave_protocol/api | 1.0.6 | REST API for all packages |
π€ AI Agent Skills
Each package includes a SKILL.md file following the Claude Agent Skills specification. These teach AI agents how to use Weave Protocol tools effectively.
| Package | Skill Name | Triggers |
|---|---|---|
| π‘οΈ Mund | security-scanning |
scan, detect secrets, check injection, vet MCP server |
| ποΈ Hord | encrypting-data |
encrypt, decrypt, vault, Yoxallismus, protect |
| βοΈ Domere | compliance-auditing |
audit, checkpoint, SOC2, HIPAA, PCI-DSS, blockchain |
| π₯ Witan | consensus-governance |
consensus, vote, approve, policy, escalate |
| π API | weave-api-calling |
REST API, HTTP endpoint, curl, fetch |
Installation:
Copy skill files to your Claude skills directory:
# Clone repo
git clone https://github.com/Tyox-all/Weave_Protocol.git
# Copy skills to Claude Code
mkdir -p ~/.claude/skills/weave-protocol
cp Weave_Protocol/*/SKILL.md ~/.claude/skills/weave-protocol/
# Or for Claude.ai (upload as custom skills)
# Settings > Features > Custom Skills > Upload ZIP
Once installed, Claude automatically invokes the appropriate skill when you ask it to scan content, encrypt data, create compliance checkpoints, or coordinate multi-agent consensus.
π Quick Start
Install All Packages
npm install @weave_protocol/mund @weave_protocol/hord @weave_protocol/domere
Claude Desktop Integration
Add to claude_desktop_config.json:
{
"mcpServers": {
"mund": {
"command": "npx",
"args": ["-y", "@weave_protocol/mund"]
},
"hord": {
"command": "npx",
"args": ["-y", "@weave_protocol/hord"]
},
"domere": {
"command": "npx",
"args": ["-y", "@weave_protocol/domere"]
}
}
}
MCP Registry
Mund is available on the official MCP Registry:
# Search for it
https://registry.modelcontextprotocol.io
# Server ID: io.github.Tyox-all/mund
β¨ Package Details
π‘οΈ Mund - The Guardian
Real-time security scanning for AI agents.
| Category | Features |
|---|---|
| Secrets | API keys, tokens, passwords, certificates (30+ patterns) |
| PII | SSN, credit cards, emails, phone numbers, addresses |
| Injection | Prompt injection, jailbreak attempts, instruction override |
| Exfiltration | Data leakage, encoding tricks, steganography |
| Code | Dangerous patterns, eval/exec, SQL injection, XSS |
| MCP Servers | Malicious tool descriptions, typosquatting, dangerous permissions |
// Scan content
const result = await mund.scan("Here's my key: sk-abc123...");
// { safe: false, issues: [{ severity: "critical", ... }] }
// Scan MCP server before install
const serverScan = await mund.scanMcpServer(serverJson);
// { recommendation: "DO_NOT_INSTALL", issues: [...] }
π Skill: security-scanning
ποΈ Hord - The Vault
Encrypted storage with the Yoxallismus dual-tumbler cipher.
| Category | Features |
|---|---|
| Encryption | AES-256-GCM, ChaCha20-Poly1305 |
| Key Derivation | Argon2id with configurable parameters |
| Yoxallismus | Dual-layer tumbler/deadbolt obfuscation |
| Memory Safety | Secure buffer handling, auto-zeroing |
| MCP Server | Claude Desktop integration, vault management tools |
import { YoxallismusCipher } from '@weave_protocol/hord';
const cipher = new YoxallismusCipher('master-key');
// Lock (encrypt + obfuscate)
const locked = await cipher.lock(sensitiveData);
// Unlock (de-obfuscate + decrypt)
const unlocked = await cipher.unlock(locked);
Yoxallismus Cipher: A dual-layer encryption combining AES-256-GCM with tumbler/deadbolt obfuscation. Data is first encrypted, then the ciphertext is scrambled using position-dependent transformations that require both the key and the original encryption context to reverse.
π Skill: encrypting-data
βοΈ Domere - The Judge
Enterprise-grade verification, orchestration, compliance, and audit infrastructure.
| Category | Features |
|---|---|
| Verification | Intent tracking, drift detection, execution replay, multi-agent handoff |
| Orchestration | Task scheduler, agent registry, shared state with locks |
| Compliance | SOC2, HIPAA, PCI-DSS, ISO27001 checkpoints & reporting |
| Blockchain | Solana & Ethereum anchoring for immutable audit trails |
Blockchain Anchoring:
- Solana Mainnet:
6g7raTAHU2h331VKtfVtkS5pmuvR8vMYwjGsZF1CUj2o - Solana Devnet:
BeCYVJYfbUu3k2TPGmh9VoGWeJwzm2hg2NdtnvbdBNCj - Ethereum:
0xAA8b52adD3CEce6269d14C6335a79df451543820
import { ComplianceManager } from '@weave_protocol/domere';
const compliance = new ComplianceManager(['pci-dss', 'iso27001', 'soc2', 'hipaa']);
// Create tamper-evident checkpoint
const checkpoint = await compliance.createCheckpoint({
action: 'data_access',
resource: 'customer_records',
actor: 'agent-001'
});
// Generate audit report
const report = await compliance.generateReport('pci-dss', {
startDate: '2024-01-01',
endDate: '2024-12-31'
});
π Skill: compliance-auditing
π₯ Witan - The Council
Multi-agent consensus and governance.
| Category | Features |
|---|---|
| Consensus | Unanimous, majority, weighted, quorum protocols |
| Policy | Rule enforcement, permission management, escalation |
| Communication | Agent bus, broadcast, point-to-point messaging |
| Recovery | Failure detection, automatic failover, state recovery |
import { ConsensusEngine, PolicyEngine } from '@weave_protocol/witan';
const consensus = new ConsensusEngine({
protocol: 'weighted_majority',
threshold: 0.66,
timeout: 30000
});
// Propose action requiring consensus
const result = await consensus.propose({
action: 'deploy_to_production',
requiredApprovals: ['security-agent', 'qa-agent', 'ops-agent']
});
π Skill: consensus-governance
ποΈ Architecture
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AI Agent System β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β
β β π‘οΈ Mund β β ποΈ Hord β β βοΈ Domereβ β π₯ Witan β β
β β Guardian β β Vault β β Judge β β Council β β
β ββββββ¬ββββββ ββββββ¬ββββββ ββββββ¬ββββββ ββββββ¬ββββββ β
β β β β β β
β Security Encryption Compliance Consensus β
β Scanning Storage Verification Governance β
β β β β β β
β βββββββββββββββ΄ββββββββββββββ΄ββββββββββββββ β
β β β
β βββββββ΄ββββββ β
β β π API β β
β β REST β β
β βββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π REST API
The @weave_protocol/api package provides HTTP endpoints for all functionality:
# Start the API server
npx @weave_protocol/api
# Or with Docker
docker run -p 3000:3000 weave-protocol/api
Endpoints:
| Method | Path | Description |
|---|---|---|
| POST | /mund/scan |
Scan content for security issues |
| POST | /mund/scan-mcp-server |
Scan MCP server manifest |
| POST | /hord/encrypt |
Encrypt data |
| POST | /hord/decrypt |
Decrypt data |
| POST | /hord/yoxallismus/lock |
Lock with Yoxallismus cipher |
| POST | /hord/yoxallismus/unlock |
Unlock with Yoxallismus cipher |
| POST | /domere/checkpoint |
Create compliance checkpoint |
| GET | /domere/compliance/frameworks |
List available frameworks |
| POST | /domere/compliance/report |
Generate compliance report |
π Skill: weave-api-calling
π Security Model
Weave Protocol implements defense-in-depth:
- π‘οΈ Mund scans all inputs for threats before processing
- ποΈ Hord encrypts sensitive data at rest and in transit
- βοΈ Domere logs all actions with tamper-evident checksums
- π₯ Witan requires consensus for high-risk operations
CORS Model Integration
The Weave Protocol maps to the CORS Model for AI agent security:
| CORS Layer | Weave Package | Function |
|---|---|---|
| Origin Validation | π‘οΈ Mund | Validates input sources, detects injection |
| Context Integrity | ποΈ Hord | Protects data integrity through encryption |
| Deterministic Enforcement | βοΈ Domere | Ensures consistent policy application |
π οΈ Development
# Clone
git clone https://github.com/Tyox-all/Weave_Protocol.git
cd Weave_Protocol
# Install dependencies (each package)
cd mund && npm install && npm run build
cd ../hord && npm install && npm run build
cd ../domere && npm install && npm run build
# Run tests
npm test
πΊοΈ Roadmap
- [ ] LangChain/LlamaIndex integration package
- [ ] Web dashboard for monitoring
- [ ] MCP server reputation scoring
- [ ] Automated threat intelligence updates
- [ ] GDPR compliance framework
π€ Contributing
See CONTRIBUTING.md for guidelines.
π License
Apache 2.0 - See LICENSE
π Links
- GitHub: https://github.com/Tyox-all/Weave_Protocol
- npm (mund): https://www.npmjs.com/package/@weave_protocol/mund
- npm (hord): https://www.npmjs.com/package/@weave_protocol/hord
- npm (domere): https://www.npmjs.com/package/@weave_protocol/domere
- npm (witan): https://www.npmjs.com/package/@weave_protocol/witan
- MCP Registry: https://registry.modelcontextprotocol.io (search "mund")
Built with β€οΈ for the AI agent ecosystem.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.