Is Enforce Action free?

Yes, Enforce Action is free to use.

How do I install Enforce Action?

Enforce Action supports both local and remote installation. For local use, install it via npm (npx) and add the configuration to your AI app. For remote access, add the server URL to your MCP configuration.

What AI apps work with Enforce Action?

Enforce Action uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Enforce Action MCP Server

by Korext

Developer ToolsLow Risk9.8MCP RegistryLocalRemote

Free

Server data from the Official MCP Registry

Governance copilot for AI-assisted coding. 72 packs, 532 rules, proof bundles.

About

Governance copilot for AI-assisted coding. 72 packs, 532 rules, proof bundles.

Remote endpoints: streamable-http: https://app.korext.com/api/mcp

Security Report

9.8

Low Risk9.8Low Risk

Valid MCP server (1 strong, 0 medium validity signals). 2 code issues detected. No known CVEs in dependencies. Imported from the Official MCP Registry. 2 finding(s) downgraded by scanner intelligence.

Endpoint verified · Open access · 2 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

How to Install & Connect

Available as Local & Remote

This plugin can run on your machine or connect to a hosted endpoint. during install.

Documentation

View on GitHub

From the project's GitHub README.

KOREXT Enforce Action

Enforce compliance policies on AI generated code in your GitHub workflows.

72 policy packs. 532 rules. 13 languages. Violations appear as GitHub Code Scanning annotations on pull requests.

Quick Start

Add this to .github/workflows/korext.yml:

name: Korext Enforcement
on: [push, pull_request]

permissions:
  contents: read
  security-events: write

jobs:
  enforce:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: Korext/enforce-action@v3
        with:
          api-token: ${{ secrets.KOREXT_API_TOKEN }}

Korext scans your code on every push and PR using the default web policy pack.

How It Works

Install: The action installs the Korext CLI
Scan: Runs korext enforce against your codebase with the selected policy pack
Report: Generates a SARIF file and uploads it to GitHub Code Scanning
Gate: Fails the workflow if critical or high severity violations are found

Violations appear as annotations directly on the PR diff, powered by GitHub Code Scanning.

Inputs

Input	Description	Required	Default
`directory`	Directory to scan for policy violations	No	`.`
`pack`	Policy Pack ID to enforce	No	`web`
`api-token`	Korext API token for authenticated mode	No	(anonymous)
`fail-on-violations`	Fail workflow on critical/high violations	No	`true`
`sarif-upload`	Upload SARIF to GitHub Code Scanning	No	`true`
`region`	Data processing region (us, eu, apac)	No	(default)
`sign-bundles`	Request signed proof bundles	No	`true`

Outputs

Output	Description
`violations`	Total number of policy violations found
`sarif-file`	Path to the generated SARIF results file
`bundle-count`	Number of proof bundles generated
`bundles-signed`	Number of signed proof bundles
`bundle-ids`	Comma separated list of proof bundle IDs

Examples

Multiple Policy Packs

- uses: Korext/enforce-action@v3
  with:
    pack: web,pci-dss-v1,owasp-v1
    api-token: ${{ secrets.KOREXT_API_TOKEN }}

EU Data Sovereignty

- uses: Korext/enforce-action@v3
  with:
    pack: gdpr-v1
    region: eu
    api-token: ${{ secrets.KOREXT_API_TOKEN }}

Scan Specific Directory

- uses: Korext/enforce-action@v3
  with:
    directory: src/
    pack: hipaa-v1
    api-token: ${{ secrets.KOREXT_API_TOKEN }}

Warn Only (do not fail)

- uses: Korext/enforce-action@v3
  with:
    pack: web
    fail-on-violations: 'false'

Authentication

For full access to all policy packs and signed proof bundles, create an API token in your KOREXT dashboard and add it as a GitHub secret:

Go to app.korext.com > Settings > API Tokens
Create a new token
Add it as KOREXT_API_TOKEN in your repo's Settings > Secrets and variables > Actions

Without a token, the action runs in anonymous mode (20 requests per hour, limited packs).

License

Proprietary. See Terms of Service.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Enforce Action MCP Server

About

Security Report

Findings (2)

Permissions Required

How to Install & Connect

Documentation

KOREXT Enforce Action

Quick Start

How It Works

Inputs

Outputs

Examples

Multiple Policy Packs

EU Data Sovereignty

Scan Specific Directory

Warn Only (do not fail)

Authentication

Links

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript