Guardpost Server
БесплатноНе проверенRuntime agent firewall for PII redaction, rate limits, and policy enforcement, enabling autonomous agent security via MCP integration.
Описание
Runtime agent firewall for PII redaction, rate limits, and policy enforcement, enabling autonomous agent security via MCP integration.
README
GUARDPOST
Runtime agent firewall — PII redaction, rate limits, policy enforcement
PyPI CI License: COCL 1.0 Suite
AI Security & Governance — securing LLMs, agents, and the MCP supply chain.
pip install cognis-guardpost
guardpost scan . # → prioritized findings in seconds
🔎 Example output
Real, reproducible output from the tool — runs offline:
$ guardpost-emit --version
guardpost 0.1.0
$ guardpost-emit --help
usage: guardpost [-h] [--version] [--format {table,json}] <command> ...
Runtime agent firewall: PII redaction, policy enforcement, rate limits.
positional arguments:
<command>
scan scan text/file for PII & policy violations
options:
-h, --help show this help message and exit
--version show program's version number and exit
--format {table,json}
output format (default: table)
Blocks above are real
guardpostoutput — reproduce them from a clone.
Sample result format (illustrative values — run on your own data for real findings):
{
"guardpost": {
"platform": "stix",
"findings": [
{
"id": "1234567890",
"name": "Suspicious Network Traffic",
"description": "Potential malicious activity detected on network 192.168.1.100",
"created_by": "John Doe",
"created_at": "2023-02-20T14:30:00Z"
},
{
"id": "2345678901",
"name": "Malware Detection",
"description": "Virus detected on system with IP address 10.0.0.1",
"created_by": "Jane Smith",
"created_at": "2023-02-21T16:45:00Z"
}
]
}
}
Usage — step by step
- Install (Python 3.9+):
pip install guardpost - Scan a file (or stdin) for PII and policy violations; redaction is on by
default:
guardpost scan request.txt cat prompt.txt | guardpost scan - - Tighten the policy: use the strict preset, ban terms, set a rate limit, or
tag the principal for audit:
guardpost scan request.txt --strict --rate-limit 60 --principal svc-bot \ --ban "internal-secret" --ban "api_key" - Read the output: the table shows ALLOWED/BLOCKED, the findings
(severity/category/kind/excerpt) and the sanitized text. The process exits
2when traffic is BLOCKED,0when ALLOWED — wire that into a pipeline. - Emit machine-readable findings for a gateway / CI:
cat prompt.txt | guardpost scan - --strict --format json
Contents
- Why guardpost? · Features · Quick start · Example · Architecture · AI stack · How it compares · Integrations · Install anywhere · Related · Contributing
Why guardpost?
Runtime agent firewall — PII redaction, rate limits, policy enforcement — without standing up heavyweight infrastructure.
guardpost is single-purpose, scriptable, and self-hostable: point it at a target, get prioritized results in the format your workflow already speaks (table · JSON · SARIF), gate CI on it, and let agents drive it over MCP.
Features
- ✅ Scan Pii
- ✅ Redact
- ✅ Scan Policy
- ✅ Fingerprint
- ✅ Guard
- ✅ Runs on Linux/macOS/Windows · Docker · devcontainer
- ✅ Ports in Python, JavaScript, Go, and Rust (
ports/)
Quick start
pip install cognis-guardpost
guardpost --version
guardpost scan . # scan current project
guardpost scan . --format json # machine-readable
guardpost scan . --fail-on high # CI gate (non-zero exit)
Example
$ guardpost scan .
[HIGH ] GUA-001 example finding (./src/app.py)
[MEDIUM ] GUA-002 another signal (./config.yaml)
2 findings · risk score 5 · 38ms
Architecture
flowchart LR
IN[agent / A2A traffic] --> P[guardpost<br/>map + analyze]
P --> OUT[graph + flags]
Use it from any AI stack
guardpost is interoperable with every popular way of using AI:
- MCP server —
guardpost mcp(Claude Desktop, Cursor, Cognis.Studio, uncensored-fleet) - OpenAI-compatible / JSON — pipe
guardpost scan . --format jsoninto any agent or LLM - LangChain · CrewAI · AutoGen · LlamaIndex — wrap the CLI/JSON as a tool in one line
- CI / scripts — exit codes + SARIF for non-AI pipelines
How it compares
| Cognis guardpost | protectai | |
|---|---|---|
| Self-hostable, no account | ✅ | varies |
| Single command, zero config | ✅ | ⚠️ |
| JSON + SARIF for CI | ✅ | varies |
| MCP-native (AI agents) | ✅ | ❌ |
| Polyglot ports (JS/Go/Rust) | ✅ | ❌ |
| Open license | ✅ COCL | varies |
Built in the spirit of protectai/llm-guard, re-framed the Cognis way. Missing a credit? Open a PR.
Integrations
Pipes into your stack: SARIF for code-scanning, JSON for anything, an MCP server (guardpost mcp) for AI agents, and a webhook forwarder for SIEM/Slack/Jira. See docs/INTEGRATIONS.md.
Install — every way, every platform
pip install "git+https://github.com/cognis-digital/guardpost.git" # pip (works today)
pipx install "git+https://github.com/cognis-digital/guardpost.git" # isolated CLI
uv tool install "git+https://github.com/cognis-digital/guardpost.git" # uv
pip install cognis-guardpost # PyPI (when published)
docker run --rm ghcr.io/cognis-digital/guardpost:latest --help # Docker
brew install cognis-digital/tap/guardpost # Homebrew tap
curl -fsSL https://raw.githubusercontent.com/cognis-digital/guardpost/main/install.sh | sh
| Linux | macOS | Windows | Docker | Cloud |
|---|---|---|---|---|
scripts/setup-linux.sh |
scripts/setup-macos.sh |
scripts/setup-windows.ps1 |
docker run ghcr.io/cognis-digital/guardpost |
DEPLOY.md (AWS/Azure/GCP/k8s) |
Related Cognis tools
- aegis — AI Agent Permission & Access Auditor — surfaces the lethal trifecta of credentials + injection + reach
- promptmirror — Prompt-injection & indirect-injection scanner for any LLM context input
- ledgermind — Local LLM cost & token forensics proxy with anomaly detection
- adversa — LLM red-team harness — OWASP LLM Top 10 + MITRE ATLAS attack packs
- hallumark — LLM hallucination & grounding auditor for RAG systems
- aicard — Auto-generated NIST AI RMF / EU AI Act Annex IV model & system cards
Explore the suite → 🗂️ all 170+ tools · ⭐ awesome-cognis · 🔗 cognis-sources · 🤖 uncensored-fleet · 🧠 engram
Contributing
PRs, new rules, and demo scenarios are welcome under the collaboration-pull model — see CONTRIBUTING.md and SECURITY.md.
⭐ If
guardpostsaved you time, star it — it genuinely helps others find it.
Interoperability
{} composes with the 300+ tool Cognis suite — JSON in/out and a shared
OpenAI-compatible /v1 backbone. See INTEROP.md for the
suite map, composition patterns, and reference stacks.
License
Source-available under the Cognis Open Collaboration License (COCL) v1.0 — free for personal, internal-evaluation, research, and educational use; commercial / production use requires a license ([email protected]). See LICENSE.
Установка Guardpost Server
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/cognis-digital/guardpostFAQ
Guardpost Server MCP бесплатный?
Да, Guardpost Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Guardpost Server?
Нет, Guardpost Server работает без API-ключей и переменных окружения.
Guardpost Server — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Guardpost Server в Claude Desktop, Claude Code или Cursor?
Открой Guardpost Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
автор: modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
автор: xuzexin-hzCompare Guardpost Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории ai
