Guardvibe

Name: Guardvibe
Author: goklab

goklab/guardvibe

Run deterministic security rules, doctor checks, and host audits through MCP so agent-generated code gets a fixed policy layer before you ship.

Overview

io.github.goklab/guardvibe is a MCP server for the Ship phase that applies 441 deterministic security rules and 37 audit tools via CLI, doctor, and host checks.

What is this MCP server?

Advertised deterministic security layer with 441 rules and 37 MCP tools
npm package guardvibe v3.9.0 with stdio MCP transport
CLI plus doctor and host audit workflows for local verification
GitHub repository goklab/guardvibe for rule packs and updates
Complements (does not replace) human review for agent-written patches
441 security rules (per description)
37 MCP tools (per description)
Package version 3.9.0 (guardvibe npm)

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Community signal: 2 GitHub stars.

What problem does it solve?

AI assistants miss or inconsistently apply security rules, leaving solo builders to manually re-audit every agent-generated change.

Who is it for?

Indie devs who ship agent-assisted code and want a bundled rules-plus-tools security MCP instead of ad-hoc prompt reminders.

Skip if: Teams needing formal compliance certification only, or projects with zero local Node/npm footprint and no appetite for security scanners.

What do I get? / Deliverables

After registering guardvibe MCP and running doctor or host audit flows, you get rule-based findings you can fix before shipping.

MCP-accessible security tools backed by the published rule set
CLI and doctor audit output for the local project and host
Repeatable pre-ship security pass alongside agent workflows

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Guardvibe is positioned as a security layer you apply before release and during hardening—not casual ideation. Security subphase covers scanners, policy enforcement, and audit tooling beyond one-off code review chat.

How it compares

Deterministic rule-based security MCP and CLI—not a generic linter skill or passive monitoring SaaS alone.

Common Questions / FAQ

Who is io.github.goklab/guardvibe for?

Solo builders and small teams using AI coding agents who want deterministic security rules and audit tools wired through MCP before release.

When should I use io.github.goklab/guardvibe?

Use it in Ship—security and review—after large agent diffs, before merges, or when running host audits on your dev machine.

How do I add io.github.goklab/guardvibe to my agent?

Install the guardvibe npm package, configure stdio MCP in your host, and run CLI/doctor commands; version 3.9.0 is listed in the server manifest.