Shellward

Name: Shellward
Author: jnmetacode

by jnmetacodecommunityv0.5.11

ShellWard is an AI agent security middleware that protects against prompt injection, data exfiltration, and dangerous command execution by intercepting tool calls at runtime.

From the registry: AI agent security: 7 MCP tools for injection detection, PII scanning, command safety, DLP.

GitHub Repository

Install & configure

Prerequisites

required
Clone repository
Must clone repo first, then run via tsx
```
$ git clone https://github.com/jnMetaCode/shellward && cd shellward && npm install
```
https://github.com/jnMetaCode/shellward

Install in your client

Paste into the AI you're chatting with — it will figure out the rest

Please install the `shellward` MCP server into my current AI client (that's you).

Required prerequisites (do these first if not already done):
- **Clone repository** — Must clone repo first, then run via tsx Run: `git clone https://github.com/jnMetaCode/shellward && cd shellward && npm install` (https://github.com/jnMetaCode/shellward)

Canonical MCP server config (stdio transport):
- command: `npx`
- args: ["tsx","<path-to-shellward>/src/mcp-server.ts"]
- optional environment variables:
  - `SHELLWARD_MODE`: enforce or audit mode (default: enforce) (example: `enforce`)

Note: AI agent security middleware. 8-layer defense: prompt injection detection, PII scanning, dangerous command blocking, DLP data flow control. 7 MCP tools. Zero dependencies. Also available as npm SDK.

Add this MCP server to my current client's config in the correct format for you. If you need secrets or credentials I haven't provided, ASK me — do not invent values or leave raw placeholders. After adding it, tell me how to verify the server is connected.

Note: AI agent security middleware. 8-layer defense: prompt injection detection, PII scanning, dangerous command blocking, DLP data flow control. 7 MCP tools. Zero dependencies. Also available as npm SDK.

Tools (7)

check_command

Check if a shell command is safe (rm -rf, reverse shell, fork bomb...)

check_injection

Detect prompt injection in text (32+ rules, zh+en)

scan_data

Scan for PII & sensitive data (CN ID/phone/bank, API keys, SSN...)

check_path

Check if file path operation is safe (.env, .ssh, credentials...)

check_tool

Check if tool name is allowed (blocks payment/transfer tools)

check_response

Audit AI response for canary leaks & PII exposure

security_status

Get current security config & active layers

Environment variables

SHELLWARD_MODErequiredSets the mode of operation, either 'enforce' or 'audit'.

SHELLWARD_LOCALErequiredSets the locale for the middleware, options include 'auto', 'zh', or 'en'.

SHELLWARD_THRESHOLDrequiredSets the risk score threshold for injection detection, ranging from 0 to 100.

Packages

shellward

npmv0.5.11transport: stdio

Details

Language: TypeScript
License: Apache-2.0
Released: Mar 23, 2026
Last commit: Apr 1, 2026
Registry name: io.github.jnMetaCode/shellward

Related Servers

SafeDep Vet MCP

Protect your AI agents and IDEs from malicious open-source packages.

1.0k

Skylos

Dead code, security, secrets detection and code quality for Python, TypeScript, Go.

370

UniFi Access MCP

Manage UniFi Access doors, credentials, policies, visitors, and events via MCP.

243