@aiclude/mcp-guard 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2)
  1. package/README.md +21 -30
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -106,24 +106,21 @@ Works out of the box with built-in default policies. Customize with YAML policy
106
106
 
107
107
  ## Protection Coverage
108
108
 
109
- ```
110
- +---------------------+-----------------------+-----------------------+
111
- | Tool Definitions | Tool Call Arguments | Tool Responses |
112
- | (server -> client) | (client -> server) | (server -> client) |
113
- +---------------------+-----------------------+-----------------------+
114
- | Zero-width chars | SQL Injection | Credential exposure |
115
- | Prompt injection | Command Injection | System path leaks |
116
- | Homoglyph spoofing | Path Traversal | Stack trace exposure |
117
- | HTML comment hiding | XSS | Command exec evidence |
118
- | Base64 encoding | Template Injection | Template injection |
119
- | Name shadowing | Prompt injection | Credential leaks |
120
- | Multilingual inject | Multilingual inject | |
121
- | Agent manipulation | Zero-width hiding | |
122
- | InputSchema checks | | |
123
- +---------------------+-----------------------+-----------------------+
124
- CWE: CWE-22, CWE-78, CWE-79, CWE-89, CWE-94, CWE-200, CWE-209
125
- OWASP MCP Top 10: Tool Poisoning, Prompt Injection, and more
126
- ```
109
+ | Tool Definitions (server → client) | Tool Call Arguments (client → server) | Tool Responses (server → client) |
110
+ |:-----------------------------------|:--------------------------------------|:---------------------------------|
111
+ | Zero-width steganography | SQL Injection | Credential exposure |
112
+ | Prompt injection phrases | Command Injection | System path leaks |
113
+ | Homoglyph spoofing | Path Traversal | Stack trace exposure |
114
+ | HTML comment hiding | XSS | Command exec evidence |
115
+ | Base64 encoding hiding | Template Injection | Template injection results |
116
+ | Name shadowing | Prompt injection | Credential leaks |
117
+ | Multilingual injection | Multilingual injection | |
118
+ | Agent manipulation patterns | Zero-width char hiding | |
119
+ | InputSchema validation | | |
120
+
121
+ **CWE Coverage:** CWE-22, CWE-78, CWE-79, CWE-89, CWE-94, CWE-200, CWE-209
122
+
123
+ **OWASP MCP Top 10:** Tool Poisoning, Prompt Injection, and more
127
124
 
128
125
  ---
129
126
 
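Review bot: the rename of the first Tool Definitions entry from "Zero-width chars" to "Zero-width steganography" broadens the documented claim; if the check only flags the presence of zero-width code points in tool definitions, the narrower wording of the removed line is the accurate one. The Tool Responses column also lists both "Credential exposure" and "Credential leaks" as separate rows, before and after this change; either merge them or state what distinguishes the two checks so readers can tell which detections they are relying on. The markdown table itself is fine (empty trailing cells are valid GFM), and moving the CWE and OWASP lines out of the code fence is an improvement.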
@@ -133,21 +130,15 @@ MCP Guard operates as a **transparent proxy** between client and server.
133
130
 
134
131
  ### stdio Mode
135
132
 
136
- ```
137
- MCP Client ──stdio──> MCP Guard ──stdio──> MCP Server
138
- <──stdio── (Proxy) <──stdio── (Local)
139
- |
140
- Rule Engine
141
- ```
133
+ > **MCP Client** → *stdio* → **MCP Guard (Proxy)** → *stdio* → **MCP Server (Local)**
134
+ >
135
+ > All messages pass through the **Rule Engine** for real-time inspection.
142
136
 
143
137
  ### HTTP Mode
144
138
 
145
- ```
146
- MCP Client ──HTTP──> MCP Guard ──HTTP──> MCP Server
147
- <──SSE── (:9090) <──SSE── (Remote)
148
- |
149
- Rule Engine
150
- ```
139
+ > **MCP Client** → *HTTP POST* → **MCP Guard (:9090)** → *HTTP POST* → **MCP Server (Remote)**
140
+ >
141
+ > Responses (JSON or SSE stream) are inspected before forwarding back to the client.
151
142
 
152
143
  **Default behavior: Fail-Close.** If the policy engine errors, all traffic is blocked for safety.
153
144
 
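Review bot: the replaced diagrams showed traffic in both directions (the `<──stdio──` and `<──SSE──` return paths), but the new stdio description only draws the client → server arrow and relies on the sentence "All messages pass through the Rule Engine" to cover the return path, while the HTTP description explicitly calls out response inspection. Since the Protection Coverage section claims inspection of server → client tool definitions and tool responses, state the same thing for both modes, e.g. add to the stdio block "Responses from the server are inspected before being returned to the client." Two smaller points: `:9090` should be labelled as the default listen port if it is configurable, and blockquote syntax semantically marks a quotation, so a plain paragraph would be the more appropriate markup for an architecture description.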
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aiclude/mcp-guard",
3
- "version": "0.2.1",
3
+ "version": "0.2.2",
4
4
  "description": "MCP runtime security proxy — intercepts and enforces security policies on MCP tool calls",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
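Review bot: the version bump to 0.2.2 covers README-only changes, which is consistent with a patch release, but the diff touches only two files and includes no changelog entry; a one-line note that this release is documentation-only would let consumers skip it when auditing runtime changes to a security proxy.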