Project Shield
Security scanner for MCP servers and AI-generated code.
One command to security-grade your MCP server.
What it detects
Layer | What | How |
Secrets | API keys, tokens, credentials | Regex + entropy + context analysis |
PII | Email, phone, SSN | Pattern matching + checksum validation |
Prompt Injection | Attacks in MCP tool descriptions | Heuristic + pattern detection |
MCP Misconfig | Missing auth, open permissions, no logging | Config rule engine |
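An added illustration of how the Secrets layer's "regex + entropy + context" combination can work on the `env` block of an MCP client config; this is not Project Shield's code or rule set. The `mcpServers` layout, rule names, thresholds and every sample value are assumptions constructed for the example.

```javascript
// Added illustration, not Project Shield's code. All sample values are fake.
const KNOWN_PATTERNS = [
  { id: "aws-access-key-id", re: /\bAKIA[0-9A-Z]{16}\b/ },
  { id: "github-pat", re: /\bghp_[A-Za-z0-9]{36}\b/ },
];
const SECRET_NAME = /(key|token|secret|passw(or)?d|credential)/i; // context signal
const PLACEHOLDER = /^(\$\{.+\}|<.+>|changeme|x+|your[-_].*)$/i;    // references, not values

// Shannon entropy in bits per character.
function entropy(s) {
  const counts = {};
  for (const ch of s) counts[ch] = (counts[ch] || 0) + 1;
  return Object.values(counts)
    .reduce((h, n) => h - (n / s.length) * Math.log2(n / s.length), 0);
}

// Classify one env entry; returns a finding object or null.
function classify(server, name, value) {
  if (typeof value !== "string" || PLACEHOLDER.test(value)) return null;
  const hit = KNOWN_PATTERNS.find(({ re }) => re.test(value));
  if (hit) return { server, name, rule: hit.id, confidence: "high" };
  // Entropy alone is noisy (paths, hashes, UUIDs), so a secret-like variable
  // name is also required. Thresholds (20 chars, 3.5 bits) are assumed values.
  if (value.length >= 20 && entropy(value) >= 3.5 && SECRET_NAME.test(name)) {
    return { server, name, rule: "high-entropy-value", confidence: "medium" };
  }
  return null;
}

// Walk mcpServers.*.env and collect findings.
function scanMcpConfig(config) {
  const findings = [];
  for (const [server, def] of Object.entries(config.mcpServers || {})) {
    for (const [name, value] of Object.entries(def.env || {})) {
      const f = classify(server, name, value);
      if (f) findings.push(f);
    }
  }
  return findings;
}

// Constructed sample config; no real credentials.
const sampleConfig = { mcpServers: {
  files: { command: "node", args: ["files.js"], env: { LOG_LEVEL: "debug" } },
  github: { command: "node", args: ["gh.js"], env: { GH_TOKEN: "ghp_" + "a1B2".repeat(9) } },
  search: { command: "node", args: ["s.js"], env: { SEARCH_API_KEY: "q8Zr2LmX0vT4nYb7KcD1wE6h", CACHE_DIR: "/var/cache/search-index-data" } },
  billing: { command: "node", args: ["b.js"], env: { STRIPE_SECRET: "${STRIPE_SECRET}" } },
} };
console.log(scanMcpConfig(sampleConfig));
```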
Security Grades
Grade | Meaning |
A | Excellent - ship with confidence |
B | Good - minor improvements suggested |
C | Clean - some issues to address |
D | Warning - fix before deploy |
E | Warning - significant issues found |
F | Locked - deployment blocked until fixed |
Quick Start
MCP Server Config
Features
275+ detection rules across 4 security layers
A-F grading system with automatic deploy lock on F
Evidence Packs - SHA-256 hashed, tamper-proof scan results
Fix-it guides - actionable remediation for every finding
Badge system - verifiable security badges for your projects
Pricing
Plan | Price | Scans | Features |
Free | $0 | 5/month | Basic reporting |
Pro | $29/month | 50/month | PDF reports, Evidence Packs |
Team | $99/month | Unlimited (5 users) | CI/CD integration |
Enterprise | $299+/month | Custom | SSO, audit trails |
Links
Website: shield.codemeant.dev
npm: project-shield
License
Proprietary - see shield.codemeant.dev for terms.