GuardRail V2.0 (Enterprise)
FreeNot checkedGuardRail MCP is an enterprise agent security server that provides multi-language code analysis, dependency scanning, and container security checks, with RBAC,
About
GuardRail MCP is an enterprise agent security server that provides multi-language code analysis, dependency scanning, and container security checks, with RBAC, policy packs, and audit logging.
README
Release License: MIT Tests Website MCPize
Hybrid multi-language security analysis over MCP for AI-assisted development workflows.
GuardRail exposes tools that scan source and infrastructure text for high-signal issues (secrets, dangerous APIs, injection patterns, IaC misconfigurations), with optional tree-sitter structural checks, dependency inventory/OSV, SARIF/SBOM export, and an enterprise policy gateway.
| Resource | URL |
|---|---|
| Website | https://secret4422.github.io/guardrail-mcp/ |
| MCPize listing | https://mcpize.com/mcp/guardrail |
| Accuracy policy | docs/ACCURACY.md |
| Security / threat model | docs/SECURITY_MODEL.md |
| Examples | docs/EXAMPLES.md |
| Performance | docs/PERFORMANCE.md |
| Test results | docs/test-results.md |
| Enterprise | docs/ENTERPRISE.md |
Scope (read this)
- Does: static analysis of text you provide; redacts many secret-shaped substrings in excerpts.
- Does not: execute scanned code; replace commercial SAST/DAST; guarantee zero false positives/negatives; provide SOC2 certification by itself.
- Website playground: browser-only demonstration (
docs/ACCURACY.md). Production use = Python MCP/CLI.
Quick start
git clone https://github.com/SECRET4422/guardrail-mcp.git
cd guardrail-mcp
pip install -r requirements.txt
export PYTHONPATH=$PWD
python -m unittest discover -s tests -v
python -m guardrail --mode stdio
MCP client configuration
{
"mcpServers": {
"guardrail": {
"command": "python",
"args": ["-m", "guardrail", "--mode", "stdio"],
"cwd": "/absolute/path/to/guardrail-mcp",
"env": { "PYTHONPATH": "/absolute/path/to/guardrail-mcp" }
}
}
}
CLI scan (ground truth)
python - <<'PY'
from pathlib import Path
from guardrail.hybrid_scan import hybrid_scan
r = hybrid_scan(
Path("examples/vulnerable_sample.py").read_text(encoding="utf-8"),
filename="examples/vulnerable_sample.py",
)
print(r["status"], r["security_verdict"], r["issue_count"], r.get("engines"))
PY
examples/ contains intentional insecure fixtures for tests and demos only (labeled in-file). Values are synthetic.
Capabilities
| Area | Implementation |
|---|---|
| Secrets / high-signal patterns | rules.py, language grids |
| Python AST + multi-hop taint | ast_engine.py, taint.py |
| Tree-sitter (optional grammars) | treesitter_engine.py |
| Repo / git-diff scan | repo_scan.py, git_scan.py |
| Dependencies / OSV | deps.py (network optional) |
| SARIF / SBOM | sarif_export.py, sbom.py |
| Enterprise auth, RBAC, policy | guardrail/enterprise/ |
| Custom rules / plugins | rule_engine.py, plugins.py |
Tests
PYTHONPATH=$PWD python -m unittest discover -s tests -v
Published summary: docs/test-results.md (reproduce with the command above).
Performance
Indicative micro-benchmarks are in docs/PERFORMANCE.md and benchmarks/. Re-run on your machine before relying on numbers.
Enterprise mode
Optional multi-tenant gateway (API keys/JWT, RBAC, path sandbox, audit, rate limits). See docs/ENTERPRISE.md. Do not deploy HTTP enterprise mode without authentication.
Hosted listing
Optional commercial listing: mcpize.com/mcp/guardrail.
Self-hosting the MIT core remains free. Pricing on MCPize is set in that marketplace dashboard.
Security
- Threat model: docs/SECURITY_MODEL.md
- Vulnerability reporting: SECURITY.md
- Claims policy: docs/ACCURACY.md
License
MIT — LICENSE.
Install GuardRail V2.0 (Enterprise) in Claude Desktop, Claude Code & Cursor
unyly install guardrail-mcp-v2-0-enterpriseInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add guardrail-mcp-v2-0-enterprise -- uvx --from git+https://github.com/SECRET4422/guardrail-mcp guardrail-mcpFAQ
Is GuardRail V2.0 (Enterprise) MCP free?
Yes, GuardRail V2.0 (Enterprise) MCP is free — one-click install via Unyly at no cost.
Does GuardRail V2.0 (Enterprise) need an API key?
No, GuardRail V2.0 (Enterprise) runs without API keys or environment variables.
Is GuardRail V2.0 (Enterprise) hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install GuardRail V2.0 (Enterprise) in Claude Desktop, Claude Code or Cursor?
Open GuardRail V2.0 (Enterprise) on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare GuardRail V2.0 (Enterprise) with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
