ShieldNet MCP
A zero-trust security guardrail for AI agents that scans external endpoints and returns ALLOW/WARN/BLOCK decisions with detailed findings.
ShieldNet MCP: Security Scanner for AI Agents
Bring security governance to any AI agent deployment via MCP.
Track: Secure & Govern MCP | MCP_HACK//26
What It Does
ShieldNet MCP is a zero-trust guardrail for AI agents. Before your agent connects to any external endpoint (API, webhook, third-party service), ShieldNet scans it and returns an ALLOW / WARN / BLOCK decision, together with the full list of findings and their severity ratings.
- Scan URLs with 50+ checks across 7 security modules
- Governance decisions: auto-gate agent connections with ALLOW/WARN/BLOCK
- Security headers audit: quick compliance check
- Side-by-side comparisons: which endpoint is safer?
- Session history: track all scans with grades and scores
- Pre-built prompts: security audit and pre-deployment check workflows
Why It Matters
AI agents increasingly interact with external APIs and services. Without security governance:
- An agent could connect to a compromised endpoint
- Sensitive data could leak through misconfigured CORS
- Injection attacks could manipulate agent behavior
ShieldNet acts as a security guardrail: scan first, connect later.
Architecture
```
┌──────────┐        ┌──────────────────────────────┐        ┌────────────────┐
│ AI Agent │ ─────▶ │ agentgateway                 │        │ External       │
│ (Claude, │        │  ┌────────────────────────┐  │ ─────▶ │ Service        │
│  GPT,    │ ◀───── │  │ ShieldNet MCP Server   │  │        │ (target URL)   │
│  etc.)   │        │  │                        │  │        └────────────────┘
└──────────┘        │  │ Scanners:              │  │
                    │  │  headers   injection   │  │
                    │  │  tls       info disc   │  │
                    │  │  auth      misconfig   │  │
                    │  │  rate limit            │  │
                    │  └────────────────────────┘  │
                    │     ALLOW / WARN / BLOCK     │
                    └──────────────────────────────┘
```
Flow:
- AI agent requests external connection
- agentgateway routes to ShieldNet MCP
- ShieldNet runs 7 scanner modules in parallel
- Returns ALLOW/WARN/BLOCK + detailed findings
- agentgateway enforces the decision
Scanner Modules (7)
| # | Module | What It Checks |
|---|---|---|
| 1 | security_headers | HSTS, CSP, X-Frame-Options, Cookie flags, CORS wildcards, info disclosure |
| 2 | injection | Reflected XSS, SQLi, SSTI, Command Injection, Path Traversal, SSRF, Open Redirect |
| 3 | info_disclosure | 25 sensitive paths (.env, .git, package.json, swagger, backups, server-status) |
| 4 | tls | HTTP vs HTTPS, SSL/TLS redirect enforcement |
| 5 | auth | JWT exposure, JWT alg:none, API keys in source, email harvesting |
| 6 | misconfiguration | CORS origin reflection, TRACE method, version disclosure in error pages |
| 7 | rate_limiting | 20-request burst test (aggressive mode only) |
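To make the security_headers row concrete, here is an added example (not code from the ShieldNet project) that performs a static audit of one response's headers for the items listed: HSTS, CSP, X-Frame-Options, cookie flags, CORS wildcards and version disclosure. It runs offline on constructed header maps. The severity labels, the PASS/WARN/FAIL mapping and the HSTS max-age floor are assumptions for illustration.

```javascript
// Added example, not code from the ShieldNet project. Severity labels,
// the PASS/WARN/FAIL mapping and MIN_HSTS_MAX_AGE are assumptions.

const RANK = { low: 1, medium: 2, high: 3, critical: 4 };
const MIN_HSTS_MAX_AGE = 15552000; // 180 days; assumed floor for this example

// Lower-case the header names; Set-Cookie can repeat, so it is kept as an array.
function normaliseHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    const key = name.toLowerCase();
    out[key] = key === "set-cookie" ? [].concat(value) : String(value);
  }
  return out;
}

function auditHeaders(rawHeaders) {
  const h = normaliseHeaders(rawHeaders);
  const findings = [];
  const add = (severity, check, detail) => findings.push({ severity, check, detail });

  // HSTS: absent or short-lived leaves the first request open to downgrade.
  const hsts = h["strict-transport-security"];
  if (!hsts) {
    add("high", "hsts", "Strict-Transport-Security missing");
  } else {
    const m = /max-age=(\d+)/i.exec(hsts);
    if (!m || Number(m[1]) < MIN_HSTS_MAX_AGE) add("medium", "hsts", `max-age below ${MIN_HSTS_MAX_AGE}`);
  }

  // CSP: missing, or present but neutered by unsafe-inline / wildcard sources.
  const csp = h["content-security-policy"] || "";
  if (!csp) add("medium", "csp", "Content-Security-Policy missing");
  else if (/'unsafe-inline'|(^|\s)\*(\s|;|$)/.test(csp)) add("medium", "csp", "CSP allows unsafe-inline or wildcard sources");

  // Clickjacking: need either X-Frame-Options or a CSP frame-ancestors directive.
  if (!h["x-frame-options"] && !/frame-ancestors/i.test(csp)) add("medium", "framing", "no X-Frame-Options and no frame-ancestors");

  // Cookie flags, one finding per missing attribute.
  for (const cookie of h["set-cookie"] || []) {
    const name = cookie.split("=")[0].trim();
    if (!/;\s*secure(;|$)/i.test(cookie)) add("high", "cookie", `${name} lacks Secure`);
    if (!/;\s*httponly(;|$)/i.test(cookie)) add("medium", "cookie", `${name} lacks HttpOnly`);
    if (!/;\s*samesite=/i.test(cookie)) add("low", "cookie", `${name} lacks SameSite`);
  }

  // CORS wildcard. Browsers refuse to send credentials to a literal "*", so the
  // combination is not directly exploitable, but it signals a permissive policy
  // worth probing for origin reflection (the misconfiguration module's job).
  const acao = h["access-control-allow-origin"];
  const withCreds = (h["access-control-allow-credentials"] || "").toLowerCase() === "true";
  if (acao === "*") {
    add(withCreds ? "medium" : "low", "cors",
        withCreds ? "wildcard origin together with Allow-Credentials" : "wildcard Access-Control-Allow-Origin");
  }

  // Information disclosure: product versions in Server / X-Powered-By.
  for (const name of ["server", "x-powered-by"]) {
    if (h[name] && /\d+\.\d+/.test(h[name])) add("low", "info-disclosure", `${name} reveals ${h[name]}`);
  }

  // Verdict in the check_headers tool's PASS/WARN/FAIL vocabulary (mapping assumed).
  const worst = findings.reduce((acc, f) => Math.max(acc, RANK[f.severity]), 0);
  const verdict = worst >= RANK.high ? "FAIL" : worst > 0 ? "WARN" : "PASS";
  return { verdict, findings };
}

// Constructed sample responses (not captured from any real host).
const WEAK_HEADERS = {
  "Content-Security-Policy": "default-src *; script-src 'unsafe-inline' *",
  "Set-Cookie": ["sid=1; Path=/", "theme=dark; Secure; HttpOnly; SameSite=Strict"],
  "Access-Control-Allow-Origin": "*",
  "Access-Control-Allow-Credentials": "true",
  "X-Powered-By": "Express/4.17.1",
};
const HARDENED_HEADERS = {
  "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
  "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
  "Set-Cookie": "session=abc; Secure; HttpOnly; SameSite=Lax",
  "Server": "nginx",
};
```

`auditHeaders(WEAK_HEADERS)` yields a FAIL with eight findings (missing HSTS and an insecure `sid` cookie are the high ones), while `auditHeaders(HARDENED_HEADERS)` is a clean PASS; note that the hardened set has no X-Frame-Options yet passes the framing check because `frame-ancestors 'none'` covers it.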
Quick Start
1. Install
```bash
git clone https://github.com/hhhashexe/shieldnet-mcp.git
cd shieldnet-mcp
npm install
```
2. Run a demo scan (no setup needed)
```bash
bash demo.sh https://example.com
```
This launches the MCP server, discovers the available tools via tools/list, runs a live scan, and pretty-prints the results with colors.
3. Run the test suite
```bash
npm test
```
75 integration tests covering the 6 MCP tools, 3 resources and 2 prompts.
4. Use as an MCP Server
Claude Desktop
Add to your claude_desktop_config.json:
```json
{
  "mcpServers": {
    "shieldnet": {
      "command": "node",
      "args": ["/path/to/shieldnet-mcp/src/index.js"]
    }
  }
}
```
With agentgateway
```yaml
targets:
  - name: shieldnet-security
    provider:
      type: mcp
      config:
        command: node
        args: ["src/index.js"]
```
See agentgateway.yaml for full configuration.
Raw JSON-RPC (stdio)
```bash
echo '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"my-agent","version":"0.1"}}}
{"jsonrpc":"2.0","method":"notifications/initialized"}
{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"scan_url","arguments":{"url":"https://example.com"}}}' | node src/index.js
```
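The echo pipeline above shows the client's side of the stdio exchange but not how a program should read what comes back. The following is an added example, not code from the ShieldNet project: it builds the same three messages, frames them as newline-delimited JSON, parses the server's stdout incrementally (chunks can split a message), and matches responses to requests by JSON-RPC id. The server replies it feeds itself are constructed for illustration; ShieldNet's actual result payload is not shown on this page.

```javascript
// Added example, not code from the ShieldNet project. The sample server
// output below is constructed, not a real capture.

const PROTOCOL_VERSION = "2024-11-05";

// The three messages the raw example pipes into the server, in order:
// initialize (id 1), the initialized notification (no id), tools/call (id 2).
function buildSession(url, clientName = "my-agent") {
  return [
    { jsonrpc: "2.0", id: 1, method: "initialize",
      params: { protocolVersion: PROTOCOL_VERSION, capabilities: {}, clientInfo: { name: clientName, version: "0.1" } } },
    { jsonrpc: "2.0", method: "notifications/initialized" },
    { jsonrpc: "2.0", id: 2, method: "tools/call", params: { name: "scan_url", arguments: { url } } },
  ];
}

// stdio framing: one JSON object per line. JSON.stringify never emits a raw
// newline, so "\n" is an unambiguous separator.
function frame(messages) {
  return messages.map((m) => JSON.stringify(m) + "\n").join("");
}

// Incremental line parser: stdout arrives in arbitrary chunks, so a message is
// complete only once its terminating newline has been seen.
function createLineParser() {
  let buffer = "";
  return function push(chunk) {
    buffer += chunk;
    const messages = [];
    let nl;
    while ((nl = buffer.indexOf("\n")) !== -1) {
      const line = buffer.slice(0, nl).trim();
      buffer = buffer.slice(nl + 1);
      if (line) messages.push(JSON.parse(line));
    }
    return messages;
  };
}

// Match responses to requests by id. Server notifications (no id) and replies
// to ids we never sent are ignored; a JSON-RPC error object becomes a throw.
function collectResults(sent, received) {
  const pending = new Map(sent.filter((m) => m.id !== undefined).map((m) => [m.id, m.method]));
  const results = {};
  for (const msg of received) {
    if (msg.id === undefined || !pending.has(msg.id)) continue;
    const method = pending.get(msg.id);
    if (msg.error) throw new Error(`${method} failed: ${msg.error.message}`);
    results[method] = msg.result;
  }
  return results;
}

// Tool results carry a content array; pull the text items out.
function toolText(result) {
  return result.content.filter((c) => c.type === "text").map((c) => c.text).join("");
}

// Constructed server output for the session above (not a real ShieldNet capture).
const SAMPLE_STDOUT = [
  { jsonrpc: "2.0", id: 1, result: { protocolVersion: PROTOCOL_VERSION, capabilities: { tools: {} },
                                     serverInfo: { name: "shieldnet", version: "0.3.2" } } },
  { jsonrpc: "2.0", method: "notifications/message", params: { level: "info", data: "scan started" } },
  { jsonrpc: "2.0", id: 2, result: { content: [{ type: "text", text: JSON.stringify({ url: "https://example.com", grade: "A" }) }] } },
].map((m) => JSON.stringify(m) + "\n").join("");

// Drive the helpers end to end, splitting stdout mid-message to exercise buffering.
function runSample(url = "https://example.com") {
  const sent = buildSession(url);
  const push = createLineParser();
  const cut = Math.floor(SAMPLE_STDOUT.length / 2);
  const received = [...push(SAMPLE_STDOUT.slice(0, cut)), ...push(SAMPLE_STDOUT.slice(cut))];
  const results = collectResults(sent, received);
  return { request: frame(sent), results, scan: JSON.parse(toolText(results["tools/call"])) };
}
```

Against the real server, the wiring is the standard Node pattern: spawn `node src/index.js` with child_process, write `frame(buildSession(url))` to its stdin, and pass every stdout `data` chunk through the parser returned by `createLineParser()` before handing the accumulated messages to `collectResults`.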
MCP Tools
| Tool | Description |
|---|---|
| scan_url | Comprehensive scan: 7 modules, 50+ checks, A-F grade |
| assess_risk | Scan + governance decision (ALLOW/WARN/BLOCK) with confidence score |
| check_headers | Quick security headers audit: PASS/WARN/FAIL verdict |
| scan_history | Session scan history with grades |
| compare_scans | Side-by-side comparison of two URLs |
| governance_policy | View policy or evaluate a score against thresholds |
MCP Resources
| Resource | Description |
|---|---|
| shieldnet://attack-vectors | Full attack vector database |
| shieldnet://scan-history | Session scan history |
| shieldnet://governance-policy | ALLOW/WARN/BLOCK thresholds |
MCP Prompts
| Prompt | Description |
|---|---|
| security_audit | Full audit with executive report |
| pre_deployment_check | Gate check before deployment |
Security Governance
ShieldNet makes ALLOW/WARN/BLOCK decisions from the scan score and the severity of the findings:
- ALLOW: score >= 70 and no critical findings
- WARN: score 50-69, or any high-severity finding
- BLOCK: score < 50, or any critical finding
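The thresholds above, as an added example that is not ShieldNet's own code: a pure policy function with the BLOCK conditions checked before the WARN ones (so a critical finding overrides a high score), plus a gate an agent can wrap around its outbound call. It assumes scores are numeric on the same scale as the thresholds and that each finding carries a `severity` of low, medium, high or critical; `gateConnection` and its injected `connect` callback are illustrative names, not part of the project.

```javascript
// Added example, not code from the ShieldNet project. Assumes numeric scores
// on the thresholds' scale and findings shaped like { severity: "high", ... }.

const DEFAULT_POLICY = { allowMin: 70, warnMin: 50 }; // thresholds from this section

function evaluatePolicy(score, findings, policy = DEFAULT_POLICY) {
  const severities = new Set(findings.map((f) => f.severity));
  const reasons = [];

  // BLOCK conditions first: a critical finding overrides any score.
  if (severities.has("critical")) reasons.push("critical finding present");
  if (score < policy.warnMin) reasons.push(`score ${score} below ${policy.warnMin}`);
  if (reasons.length) return { decision: "BLOCK", score, reasons };

  // WARN: mid-range score, or a high-severity finding even with a good score.
  if (severities.has("high")) reasons.push("high-severity finding present");
  if (score < policy.allowMin) reasons.push(`score ${score} below ${policy.allowMin}`);
  if (reasons.length) return { decision: "WARN", score, reasons };

  return { decision: "ALLOW", score, reasons: [] };
}

// Gate (hypothetical helper): `connect` is whatever makes the outbound call
// (fetch, an SDK client); injecting it keeps the gate free of network access.
// BLOCK throws before anything is sent; WARN proceeds but is reported via `log`.
function gateConnection(url, assessment, connect, log = (msg) => console.warn(msg)) {
  const verdict = evaluatePolicy(assessment.score, assessment.findings);
  const summary = `${verdict.decision} for ${url}: ${verdict.reasons.join("; ") || "no issues"}`;
  if (verdict.decision === "BLOCK") throw new Error(`ShieldNet ${summary}`);
  if (verdict.decision === "WARN") log(`ShieldNet ${summary}`);
  return connect(url);
}
```

The ordering matters for the edge cases: a score of 95 with one critical finding is BLOCK, and a score of 85 with a high-severity finding is WARN, whereas a score of exactly 70 with only medium findings is ALLOW.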
Real-World Proof
ShieldNet has been used in production security audits:
- 3 CVEs discovered and responsibly disclosed
- PayLock.xyz audit: 36 verified findings (4 Critical, 17 High)
- Published on npm as `shieldnet` (v0.3.2)
License
MIT, see LICENSE