aegisq-codeshield-mcp
v2.2.0
Published
AegisQ-CodeShield MCP server — AI security scanning for Claude Code, Cursor, Windsurf, Copilot, ChatGPT, Cline, and more
Downloads
293
Maintainers
Readme
aegisq-codeshield-mcp
AI security scanning for your coding tools — powered by the Model Context Protocol.
AegisQ-CodeShield scans AI-generated code in real-time for OWASP Top 10, OWASP LLM Top 10, CISA Secure by Design, and CWE vulnerabilities. It works inside your favorite AI coding tool via MCP.
What's new in v2.1.0
The v2.1.0 release closes the six-issue MCP NSA agentic-systems risk plan:
- DSSE signing on confidential responses — every
aegisq_fixandaegisq_scan_snippetresponse carries a DSSE v1.0 envelope signed with the operator's ed25519 key. Verify with the new@aegisq/codeshield-clientnpm package. - JWT lifecycle on HTTP transport —
POST /auth/tokenexchanges the legacy Bearer for a JWT + refresh token (single-use rotation, replay protection, revocation list). Legacy Bearer still works in v2.1.0 (auth.allowLegacyBearer: truedefault); v2.2.0 will flip the default off. - Cross-server peer-MCP allowlist — closes the WhatsApp-pattern attack.
confidential-class responses refuse to run when a non-allowlisted peer MCP server is present in the same host client. Configure viaaegisq-codeshield.config.json. - Tool catalog manifest hash — advertised at
_meta['aegisq.tool_catalog_manifest_hash']oninitialize. Host clients pin the hash and re-prompt for approval on change. v2.1.0 hash:0dcb6358ab5350e0ec4394ad902cd659012870d927a9a82a205b54f2d178fcf3. - URN identifiers — every tool advertises
urn:aegisq:codeshield:{tool}:v1alongside its short name. Schema-breaking changes bump the URN. - Provenance +
output_type— every response declares anoutput_type(narrative/code_artifact/metadata/decision/error) at_meta['aegisq.provenance']. Downstream agents apply type-appropriate scrutiny. aegisq_fixrequiresidempotency_key(UUID v4). Duplicate keys within 24h return the cached fix without re-running the LLM. Host clients adopt this automatically via the advertisedinputSchema.
→ See the v2.1.0 upgrade guide for step-by-step instructions and the release notes for the full story.
Supported Tools
| Tool | Transport | Config Location |
|------|-----------|-----------------|
| Claude Code | stdio | ~/.claude/mcp.json |
| Cursor | stdio | .cursor/mcp.json |
| Windsurf | stdio | MCP settings |
| GitHub Copilot | stdio | VS Code settings |
| Cline | stdio | MCP settings |
| Continue.dev | stdio | MCP settings |
| Zed | stdio | settings.json |
| ChatGPT | HTTP | http://localhost:3100/mcp |
| Codex CLI | stdio | MCP config |
Quick Start
1. Install
npx aegisq-codeshield-mcp --helpRequires Node.js 18+.
v2.1.x HTTP auth: legacy Bearer still works (auto-generated 256-bit token,
0o600perms, set your own viaAEGISQ_AUTH_TOKEN). New in v2.1.0: opt into the JWT lifecycle viaPOST /auth/tokenfor refresh-token rotation + replay protection. v2.2.0 will defaultauth.allowLegacyBearer: false— plan to migrate before then. Stdio users (Claude Code, Cursor, Windsurf, Cline, Continue.dev, Zed) are unaffected by HTTP auth changes.
2. Configure Your Tool
Claude Code / Cursor / Windsurf — add to your MCP config:
{
"mcpServers": {
"aegisq-codeshield": {
"command": "npx",
"args": ["aegisq-codeshield-mcp"],
"env": {
"AEGISQ_LICENSE_KEY": "your-license-key"
}
}
}
}ChatGPT / HTTP-based tools — start the HTTP server:
AEGISQ_LICENSE_KEY=your-key npx aegisq-codeshield-mcp --httpThen connect your tool to http://localhost:3100/mcp.
3. Scan
Ask your AI coding tool:
"Scan this file for security vulnerabilities"
MCP Tools
| Tool | Description |
|------|-------------|
| aegisq_scan_file | Scan a file for security vulnerabilities |
| aegisq_scan_snippet | Scan inline or generated code snippets |
| aegisq_explain | AI-powered vulnerability explanation |
| aegisq_fix | Auto-fix generation with diff preview |
| aegisq_report | Compliance report (OWASP/CISA/CWE) in Markdown, JSON, or CSV |
| aegisq_status | Server status, license tier, scan count |
Features
- 80+ security rules covering injection, auth, crypto, LLM prompt injection, and more
- LLM-powered deep scanning beyond regex patterns (Pro+)
- Auto-fix generation with one-click remediation (Pro+)
- Compliance reports grouped by OWASP, CISA, or CWE
- Works offline — regex engine runs locally with zero network calls
- Inline suppression — add
// aegisq-ignoreto skip specific lines - MCP NSA hardening (v2.1.0+) — DSSE signing on confidential responses, JWT lifecycle with replay protection, peer-MCP allowlist, tool catalog manifest hash, URN identifiers, provenance +
output_typeon every response. See MCP NSA risk plan.
CLI Options
aegisq-codeshield-mcp [options]
Options:
--http Start HTTP server (default: stdio)
--port PORT HTTP port (default: 3100)
--host HOST HTTP bind address (default: 127.0.0.1)
--stateless Stateless HTTP mode
--help Show helpEnvironment Variables
| Variable | Description |
|----------|-------------|
| AEGISQ_LICENSE_KEY | Your license key |
| AEGISQ_LLM_API_KEY | LLM API key (Anthropic, OpenAI, or compatible provider) |
| AEGISQ_LLM_PROVIDER | LLM provider: anthropic (default), openai, openai-compatible |
| AEGISQ_LLM_MODEL | Model override (e.g. gpt-4o, claude-sonnet-4-5) |
| AEGISQ_LLM_BASE_URL | OpenAI-compatible base URL (Groq, OpenRouter, Ollama, etc.) |
| AEGISQ_TRANSPORT | Transport mode: stdio or http |
| AEGISQ_PORT | HTTP port (default: 3100) |
| AEGISQ_HOST | HTTP bind address (default: 127.0.0.1) |
| AEGISQ_AUTH_TOKEN | Override the auto-generated HTTP Bearer token (legacy auth) |
| AEGISQ_CONFIG_PATH | Override the search path for aegisq-codeshield.config.json (v2.1.0+) |
License Tiers
| Tier | Price | LLM Scans | Fixes | Sessions | |------|-------|-----------|-------|----------| | Free | $0 | 5/day | 3/day | 1 | | Pro | $19/mo | Unlimited | Unlimited | 5 | | Team | $49/mo | Unlimited | Unlimited | 25 | | Enterprise | Custom | Unlimited | Unlimited | Unlimited |
The free tier includes all regex-based scanning (80+ rules) with no limits.
License & Support
MIT.
Need help, have a bug to report, or want to talk pricing?
- Email: [email protected]
- Security disclosures: also [email protected] — please use the subject line
[SECURITY] AegisQ-CodeShield
Links
- VS Code Extension (free base scanner)
- npm: @aegisq/codeshield-client — new in v2.1.0 — DSSE verifier + provenance parser for programmatic clients
- npm: @aegisq-codeshield/core — embeddable scanning engine
- npm: @aegisq-codeshield/security-rules — standalone rule definitions
- v2.1.0 upgrade guide
- Release notes — v2.1.0
