GuardianShield

Universal AI security layer — protect every AI coding agent with code scanning, PII detection, prompt injection defense, secret detection, and audit logging.

verified_user MCP Server Apache-2.0 Python 3.9+ lock Zero Dependencies

pip install guardianshield

Get Started View on GitHub

27 MCP Tools

5 Safety Profiles

108 Detection Patterns

0 Dependencies

Threats AI Agents Face

AI coding agents operate with broad access to your codebase, secrets, and infrastructure. Without guardrails, they can introduce or leak critical security issues.

vpn_key Secret Leakage

API keys, tokens, and credentials accidentally committed to code or exposed through AI-generated output.

gpp_bad Prompt Injection

Malicious instructions hidden in code comments, issues, or data that hijack AI agent behavior.

privacy_tip PII Exposure

Personal data — SSNs, emails, credit cards — leaking through AI-generated code or responses.

bug_report Code Vulnerabilities

SQL injection, XSS, command injection, and path traversal patterns introduced by AI agents.

How GuardianShield Protects

GuardianShield sits between your AI agent and your codebase, scanning every interaction in real-time.

policy Code Scanning

Detects SQL injection, XSS, command injection, path traversal, and insecure functions before code is committed.

enhanced_encryption Secret Detection

12+ patterns catch AWS keys, GitHub tokens, Stripe keys, JWTs, private keys, and database credentials.

block Injection Defense

9+ heuristic patterns identify instruction overrides, role hijacking, ChatML injection, and jailbreak attempts.

visibility PII Detection

Catches emails, SSNs, credit cards, phone numbers, and IP addresses — with automatic redaction.

package_2 Dependency Scanning

Check project dependencies for known CVEs using a local-first OSV.dev vulnerability cache.

code Language-Aware

108+ patterns across 7 languages (Python, JS/TS, Go, Java, Ruby, PHP, C#) with CWE mapping — auto-detected from file extension.

account_tree Data Flow Analysis

Cross-line taint tracking traces untrusted data from sources to dangerous sinks across multiple lines — catching vulnerabilities regex alone can't see.

27 MCP Tools

Every security capability is exposed as a standard MCP tool — callable from any compatible AI client.

scan_code

Analyze source code for vulnerabilities, insecure patterns, and embedded secrets.

scan_input

Check user prompts and inputs for prompt injection and manipulation attempts.

scan_output

Scan AI-generated output for PII leaks, sensitive content, and policy violations.

check_secrets

Detect API keys, tokens, passwords, and credentials in any text.

get_profile

Retrieve the current safety profile configuration and active rules.

set_profile

Switch between safety profiles — general, education, healthcare, finance, children.

audit_log

Query the SQLite audit trail of all scans, findings, and security events.

get_findings

Retrieve security findings filtered by severity, type, or time range.

shield_status

Check the health and configuration of your GuardianShield instance.

scan_file

Scan a single source file with auto language detection from extension.

scan_directory

Recursively scan a directory with extension filtering and progress streaming.

test_pattern

Test custom regex patterns against sample code — returns matches with positions.

check_dependencies

Check project dependencies for known CVEs via a local OSV.dev cache.

sync_vulnerabilities

Sync the local OSV vulnerability database for PyPI, npm, Go, and Packagist ecosystems.

parse_manifest

Parse any supported manifest file into structured dependency objects for analysis.

scan_dependencies

Scan a directory for manifest files and check all dependencies for known vulnerabilities.

mark_false_positive

Mark a finding as false positive — flags future matches and annotates similar patterns.

list_false_positives

List active false positive records with optional filtering by scanner.

unmark_false_positive

Remove a false positive record so findings are no longer suppressed.

list_engines

List available analysis engines with their capabilities and enabled status.

set_engine

Set which analysis engines are active for code scanning in the current session.

export_sarif

Export findings as SARIF 2.1.0 JSON for GitHub Code Scanning and CI pipelines.

save_baseline

Save current findings as a baseline for delta scanning on subsequent runs.

scan_with_baseline

Scan code and report only new findings not present in a saved baseline.

check_quality_gate

Evaluate findings against severity thresholds — pass/fail/warn for CI gates.

scan_files

Scan multiple files in one call for batch scanning workflows.

scan_diff

Parse unified diff and scan only added lines with correct line mapping.

Works Everywhere

One install. Every AI editor. GuardianShield speaks MCP — the universal protocol for AI tool integration.

Claude Code VS Code Cursor Windsurf Claude Desktop OpenSpek Gemini Grok Codex Any MCP Client

Quick Setup

Claude CodeVS CodeCursorClaude Desktop

claude mcp add guardianshield -- guardianshield-mcp

.vscode/mcp.json

{
  "servers": {
    "guardianshield": {
      "type": "stdio",
      "command": "guardianshield-mcp"
    }
  }
}

.cursor/mcp.json

{
  "mcpServers": {
    "guardianshield": {
      "command": "guardianshield-mcp"
    }
  }
}

claude_desktop_config.json

{
  "mcpServers": {
    "guardianshield": {
      "command": "guardianshield-mcp"
    }
  }
}

Safety Profiles

Pre-configured security policies for different industries and use cases. Switch profiles with a single MCP call.

language

General

Balanced defaults for everyday development

school

Education

Content safety for learning environments

local_hospital

Healthcare

HIPAA-aware PII and PHI protection

account_balance

Finance

PCI-DSS compliant secret handling

child_care

Children

Maximum content filtering and safety

Core Features

inventory_2

Zero Dependencies

Pure Python stdlib — no pip install headaches, no supply chain risk.

menu_book

Audit Trail

Every scan logged to SQLite with SHA-256 hashed inputs — never stores raw data.

shield

Auto Redaction

Secrets and PII are automatically redacted in all findings and logs.

extension

Composable

Use as MCP server, Python library, or integrate into CI/CD pipelines.

settings

Configurable

Sensitivity levels, custom patterns, and per-scanner toggles via profiles.

balance

Apache-2.0

Free forever. Patent-protected open source — security for humanity.

link

CWE Mapping

Every finding links to CWE IDs — trace vulnerabilities to the industry-standard weakness catalog.

package_2

Dependency Scanning

Local-first OSV.dev integration — check PyPI, npm, Go, and Packagist packages for known CVEs offline.

How GuardianShield Compares

Feature	NeMo Guardrails	Guardrails AI	Llama Guard	Presidio	GuardianShield
Code Scanning	—	—	—	—
Secret Detection	—	—	—	—
Prompt Injection		Partial		—
PII Detection	—	Partial	—
Content Moderation				—
Audit Logging	—	—	—	—
Safety Profiles	—	—	—	—
MCP Integration	—	—	—	—
Zero Dependencies	—	—	—	—
File-Level Scanning	—	—	—	—
Dependency Scanning	—	Partial	—	—
CWE Mapping	—	—	—	—
Finding Dedup	—	—	—	—
Response Redaction	—	—	—	—
Manifest Parsing	—	—	—	—
Directory Dep Scan	—	—	—	—
Cross-line Analysis	—	—	—	—
GuardianShield	1 of 17	2 of 17	2 of 17	1 of 17	17 of 17

Feature comparison

The comparison above covers 17 functional categories. GuardianShield exposes 27 MCP tools total — some categories (like dependency scanning and CI integration) map to multiple tools.

Community

star

Star on GitHub

Show your support and stay updated with releases

bug_report

Report Issues

Found a bug or have a feature request? Let us know

handshake

Contribute

Help make AI security accessible to everyone

Secure Your AI Agents Today

pip install guardianshield

Get Started Read the Docs