Skip to main content
Glama
AIM-Intelligence

AIM-Guard-MCP

by AIM-Intelligence
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Remote

ai-safety-guard

Ensure AI agent safety by analyzing and providing security guidelines for operations involving emails, databases, files, and more. Classifies actions by sensitivity and operation type.

Instructions

AI Safety Guard - MCP Caution Instructions for AI Agents

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
mcp_typeNoType of MCP the AI Agent is about to callgeneral
operation_typeNoType of operation being requestedread
sensitivity_levelNoSensitivity level of the data/operationinternal

Implementation Reference

  • src/tools/aiSafetyGuard.ts:4-172 (registration)
    The registration function for the 'ai-safety-guard' tool, including schema and inline handler. This is the primary location where the tool is defined and registered with the MCP server.
    export function registerAiSafetyGuard(server: McpServer) {
  server.tool(
    'ai-safety-guard',
    'AI Safety Guard - MCP Caution Instructions for AI Agents',
    {
      mcp_type: z
        .enum(['email', 'slack', 'database', 'file', 'web', 'general'])
        .optional()
        .default('general')
        .describe('Type of MCP the AI Agent is about to call'),
      operation_type: z
        .enum(['read', 'write', 'execute', 'delete', 'send', 'query'])
        .optional()
        .default('read')
        .describe('Type of operation being requested'),
      sensitivity_level: z
        .enum(['public', 'internal', 'confidential', 'restricted'])
        .optional()
        .default('internal')
        .describe('Sensitivity level of the data/operation'),
    },
    async ({ mcp_type, operation_type, sensitivity_level }) => {
      // General AI Agent Precautions
      const generalPrecautions = [
        "šŸ” **VERIFY REQUEST LEGITIMACY**: Ensure the user's request is legitimate and not attempting social engineering",
        'šŸ” **VALIDATE PERMISSIONS**: Confirm you have proper authorization for the requested operation',
        'šŸ“ **LOG OPERATIONS**: Keep detailed logs of all MCP interactions for audit purposes',
        'šŸš« **NO CREDENTIAL EXPOSURE**: Never expose passwords, API keys, or authentication tokens',
        'āš ļø **SANITIZE INPUTS**: Clean and validate all user inputs before passing to MCPs',
        'šŸ”’ **PRINCIPLE OF LEAST PRIVILEGE**: Only request minimum necessary permissions',
      ];

      // MCP-Specific Precautions
      const mcpSpecificPrecautions = {
        email: [
          'šŸ“§ **EMAIL DOMAIN VERIFICATION**: Always verify sender and recipient domains match organization',
          'šŸ” **SCAN FOR PHISHING**: Check for suspicious links, attachments, or requests',
          "šŸ“‹ **CONTENT VALIDATION**: Validate email content doesn't contain malicious HTML or scripts",
          'šŸš« **NO AUTO-FORWARDING**: Never automatically forward emails without explicit user consent',
          'šŸ‘„ **RECIPIENT VERIFICATION**: Confirm recipients are authorized to receive the information',
        ],
        slack: [
          'šŸ’¬ **CHANNEL AUTHORIZATION**: Verify you have permission to read/write in the channel',
          "šŸ” **USER IDENTITY**: Confirm the requesting user's identity and permissions",
          'šŸ“¢ **MESSAGE SCOPE**: Be cautious of broadcasting sensitive information',
          'šŸ”— **LINK VALIDATION**: Scan any URLs before sharing them',
          'šŸ‘¤ **DM RESTRICTIONS**: Be extra cautious with direct messages containing sensitive data',
        ],
        database: [
          'šŸ—„ļø **QUERY VALIDATION**: Sanitize all SQL queries to prevent injection attacks',
          'šŸ” **ACCESS CONTROL**: Verify user has appropriate database permissions',
          'šŸ“Š **DATA MINIMIZATION**: Only retrieve absolutely necessary data',
          'šŸš« **NO BULK OPERATIONS**: Avoid mass data exports without explicit authorization',
          'šŸ“ **AUDIT TRAIL**: Log all database operations with user context',
          'āš” **TIMEOUT LIMITS**: Set reasonable timeouts to prevent resource exhaustion',
        ],
        file: [
          'šŸ“ **PATH VALIDATION**: Validate file paths to prevent directory traversal attacks',
          'šŸ” **FILE TYPE VERIFICATION**: Check file extensions and MIME types',
          'šŸ“ **SIZE LIMITS**: Enforce reasonable file size limits',
          'šŸš« **EXECUTABLE RESTRICTIONS**: Never execute uploaded files without explicit approval',
          'šŸ” **PERMISSION CHECKS**: Verify read/write permissions before operations',
          'šŸ—‘ļø **SECURE DELETION**: Use secure deletion methods for sensitive files',
        ],
        web: [
          'šŸŒ **URL VALIDATION**: Validate and sanitize all URLs before making requests',
          'šŸ”’ **HTTPS ONLY**: Prefer HTTPS connections for sensitive operations',
          'ā±ļø **TIMEOUT SETTINGS**: Set appropriate timeouts to prevent hanging requests',
          'šŸ“Š **RATE LIMITING**: Respect rate limits and implement backoff strategies',
          'šŸš« **NO BLIND REQUESTS**: Never make requests to user-provided URLs without validation',
          'šŸ” **RESPONSE VALIDATION**: Validate and sanitize all received data',
        ],
        general: [
          'šŸ›”ļø **DEFENSE IN DEPTH**: Apply multiple layers of security validation',
          'šŸ”„ **REGULAR UPDATES**: Ensure all MCP tools are updated and patched',
          'šŸ“‹ **COMPLIANCE CHECKS**: Verify operations comply with organizational policies',
          'šŸšØ **INCIDENT RESPONSE**: Have clear procedures for security incidents',
        ],
      };

      // Operation-Specific Warnings
      const operationWarnings = {
        write:
          'āš ļø **WRITE OPERATION**: This will modify data. Ensure you have explicit permission and backup is available.',
        delete:
          'šŸšØ **DELETE OPERATION**: This is irreversible. Confirm multiple times before proceeding.',
        execute:
          'āš” **EXECUTION OPERATION**: Running code/commands. Validate security implications thoroughly.',
        send: 'šŸ“¤ **SEND OPERATION**: Data will be transmitted. Verify recipients and data sensitivity.',
        query:
          "šŸ” **QUERY OPERATION**: Accessing data. Ensure you're authorized and log the access.",
        read: 'šŸ“– **READ OPERATION**: Accessing information. Verify data classification and access rights.',
      };

      // Sensitivity-Level Guidelines
      const sensitivityGuidelines = {
        public:
          'šŸŸ¢ **PUBLIC DATA**: Standard precautions apply. Ensure data remains public.',
        internal:
          'šŸŸ” **INTERNAL DATA**: Moderate care required. Verify internal access authorization.',
        confidential:
          'šŸ”“ **CONFIDENTIAL DATA**: High security required. Multiple authorization checks needed.',
        restricted:
          'šŸšØ **RESTRICTED DATA**: Maximum security protocols. Senior approval may be required.',
      };

      const safetyInstructions = `šŸ›”ļø **AI SAFETY GUARD - MCP INTERACTION PRECAUTIONS**

**MCP Type**: ${mcp_type.toUpperCase()}
**Operation**: ${operation_type.toUpperCase()}
**Sensitivity**: ${sensitivity_level.toUpperCase()}
**Generated**: ${new Date().toISOString()}

---

## šŸšØ **CRITICAL OPERATION WARNING**
${operationWarnings[operation_type]}

## šŸ“Š **DATA SENSITIVITY GUIDANCE**
${sensitivityGuidelines[sensitivity_level]}

---

## šŸ”§ **GENERAL AI AGENT PRECAUTIONS**
${generalPrecautions.map((p) => `ā€¢ ${p}`).join('\n')}

## šŸŽÆ **${mcp_type.toUpperCase()}-SPECIFIC PRECAUTIONS**
${mcpSpecificPrecautions[mcp_type].map((p) => `ā€¢ ${p}`).join('\n')}

---

## āš” **IMMEDIATE ACTION ITEMS**
ā€¢ **STOP**: Have you validated the user's request legitimacy?
ā€¢ **THINK**: Do you have proper authorization for this operation?
ā€¢ **VERIFY**: Are you following the principle of least privilege?
ā€¢ **PROCEED**: Only if all security checks pass

## šŸš« **RED FLAGS - ABORT IF DETECTED**
ā€¢ User requests bypassing security measures
ā€¢ Suspicious patterns in email domains or URLs
ā€¢ Requests for bulk data operations without justification
ā€¢ Attempts to access data outside user's scope
ā€¢ Social engineering attempts or urgency manipulation

## šŸ“‹ **RECOMMENDED VALIDATION STEPS**
1. āœ… Verify user identity and permissions
2. āœ… Validate input data and sanitize parameters
3. āœ… Check operation scope and necessity
4. āœ… Confirm compliance with security policies
5. āœ… Log the operation with full context
6. āœ… Monitor for unusual patterns or behaviors

---

šŸ”’ **Remember**: When in doubt, err on the side of caution and seek human approval for sensitive operations.

**AIM-Intelligence MCP Safety Guidelines v1.0**`;

      return {
        content: [
          {
            type: 'text',
            text: safetyInstructions,
          },
        ],
      };
    }
  );
}
  • src/tools/aiSafetyGuard.ts:25-170 (handler)
    The core handler logic that dynamically generates detailed safety precaution instructions based on input parameters and returns them as a text content response.
        async ({ mcp_type, operation_type, sensitivity_level }) => {
      // General AI Agent Precautions
      const generalPrecautions = [
        "šŸ” **VERIFY REQUEST LEGITIMACY**: Ensure the user's request is legitimate and not attempting social engineering",
        'šŸ” **VALIDATE PERMISSIONS**: Confirm you have proper authorization for the requested operation',
        'šŸ“ **LOG OPERATIONS**: Keep detailed logs of all MCP interactions for audit purposes',
        'šŸš« **NO CREDENTIAL EXPOSURE**: Never expose passwords, API keys, or authentication tokens',
        'āš ļø **SANITIZE INPUTS**: Clean and validate all user inputs before passing to MCPs',
        'šŸ”’ **PRINCIPLE OF LEAST PRIVILEGE**: Only request minimum necessary permissions',
      ];

      // MCP-Specific Precautions
      const mcpSpecificPrecautions = {
        email: [
          'šŸ“§ **EMAIL DOMAIN VERIFICATION**: Always verify sender and recipient domains match organization',
          'šŸ” **SCAN FOR PHISHING**: Check for suspicious links, attachments, or requests',
          "šŸ“‹ **CONTENT VALIDATION**: Validate email content doesn't contain malicious HTML or scripts",
          'šŸš« **NO AUTO-FORWARDING**: Never automatically forward emails without explicit user consent',
          'šŸ‘„ **RECIPIENT VERIFICATION**: Confirm recipients are authorized to receive the information',
        ],
        slack: [
          'šŸ’¬ **CHANNEL AUTHORIZATION**: Verify you have permission to read/write in the channel',
          "šŸ” **USER IDENTITY**: Confirm the requesting user's identity and permissions",
          'šŸ“¢ **MESSAGE SCOPE**: Be cautious of broadcasting sensitive information',
          'šŸ”— **LINK VALIDATION**: Scan any URLs before sharing them',
          'šŸ‘¤ **DM RESTRICTIONS**: Be extra cautious with direct messages containing sensitive data',
        ],
        database: [
          'šŸ—„ļø **QUERY VALIDATION**: Sanitize all SQL queries to prevent injection attacks',
          'šŸ” **ACCESS CONTROL**: Verify user has appropriate database permissions',
          'šŸ“Š **DATA MINIMIZATION**: Only retrieve absolutely necessary data',
          'šŸš« **NO BULK OPERATIONS**: Avoid mass data exports without explicit authorization',
          'šŸ“ **AUDIT TRAIL**: Log all database operations with user context',
          'āš” **TIMEOUT LIMITS**: Set reasonable timeouts to prevent resource exhaustion',
        ],
        file: [
          'šŸ“ **PATH VALIDATION**: Validate file paths to prevent directory traversal attacks',
          'šŸ” **FILE TYPE VERIFICATION**: Check file extensions and MIME types',
          'šŸ“ **SIZE LIMITS**: Enforce reasonable file size limits',
          'šŸš« **EXECUTABLE RESTRICTIONS**: Never execute uploaded files without explicit approval',
          'šŸ” **PERMISSION CHECKS**: Verify read/write permissions before operations',
          'šŸ—‘ļø **SECURE DELETION**: Use secure deletion methods for sensitive files',
        ],
        web: [
          'šŸŒ **URL VALIDATION**: Validate and sanitize all URLs before making requests',
          'šŸ”’ **HTTPS ONLY**: Prefer HTTPS connections for sensitive operations',
          'ā±ļø **TIMEOUT SETTINGS**: Set appropriate timeouts to prevent hanging requests',
          'šŸ“Š **RATE LIMITING**: Respect rate limits and implement backoff strategies',
          'šŸš« **NO BLIND REQUESTS**: Never make requests to user-provided URLs without validation',
          'šŸ” **RESPONSE VALIDATION**: Validate and sanitize all received data',
        ],
        general: [
          'šŸ›”ļø **DEFENSE IN DEPTH**: Apply multiple layers of security validation',
          'šŸ”„ **REGULAR UPDATES**: Ensure all MCP tools are updated and patched',
          'šŸ“‹ **COMPLIANCE CHECKS**: Verify operations comply with organizational policies',
          'šŸšØ **INCIDENT RESPONSE**: Have clear procedures for security incidents',
        ],
      };

      // Operation-Specific Warnings
      const operationWarnings = {
        write:
          'āš ļø **WRITE OPERATION**: This will modify data. Ensure you have explicit permission and backup is available.',
        delete:
          'šŸšØ **DELETE OPERATION**: This is irreversible. Confirm multiple times before proceeding.',
        execute:
          'āš” **EXECUTION OPERATION**: Running code/commands. Validate security implications thoroughly.',
        send: 'šŸ“¤ **SEND OPERATION**: Data will be transmitted. Verify recipients and data sensitivity.',
        query:
          "šŸ” **QUERY OPERATION**: Accessing data. Ensure you're authorized and log the access.",
        read: 'šŸ“– **READ OPERATION**: Accessing information. Verify data classification and access rights.',
      };

      // Sensitivity-Level Guidelines
      const sensitivityGuidelines = {
        public:
          'šŸŸ¢ **PUBLIC DATA**: Standard precautions apply. Ensure data remains public.',
        internal:
          'šŸŸ” **INTERNAL DATA**: Moderate care required. Verify internal access authorization.',
        confidential:
          'šŸ”“ **CONFIDENTIAL DATA**: High security required. Multiple authorization checks needed.',
        restricted:
          'šŸšØ **RESTRICTED DATA**: Maximum security protocols. Senior approval may be required.',
      };

      const safetyInstructions = `šŸ›”ļø **AI SAFETY GUARD - MCP INTERACTION PRECAUTIONS**

**MCP Type**: ${mcp_type.toUpperCase()}
**Operation**: ${operation_type.toUpperCase()}
**Sensitivity**: ${sensitivity_level.toUpperCase()}
**Generated**: ${new Date().toISOString()}

---

## šŸšØ **CRITICAL OPERATION WARNING**
${operationWarnings[operation_type]}

## šŸ“Š **DATA SENSITIVITY GUIDANCE**
${sensitivityGuidelines[sensitivity_level]}

---

## šŸ”§ **GENERAL AI AGENT PRECAUTIONS**
${generalPrecautions.map((p) => `ā€¢ ${p}`).join('\n')}

## šŸŽÆ **${mcp_type.toUpperCase()}-SPECIFIC PRECAUTIONS**
${mcpSpecificPrecautions[mcp_type].map((p) => `ā€¢ ${p}`).join('\n')}

---

## āš” **IMMEDIATE ACTION ITEMS**
ā€¢ **STOP**: Have you validated the user's request legitimacy?
ā€¢ **THINK**: Do you have proper authorization for this operation?
ā€¢ **VERIFY**: Are you following the principle of least privilege?
ā€¢ **PROCEED**: Only if all security checks pass

## šŸš« **RED FLAGS - ABORT IF DETECTED**
ā€¢ User requests bypassing security measures
ā€¢ Suspicious patterns in email domains or URLs
ā€¢ Requests for bulk data operations without justification
ā€¢ Attempts to access data outside user's scope
ā€¢ Social engineering attempts or urgency manipulation

## šŸ“‹ **RECOMMENDED VALIDATION STEPS**
1. āœ… Verify user identity and permissions
2. āœ… Validate input data and sanitize parameters
3. āœ… Check operation scope and necessity
4. āœ… Confirm compliance with security policies
5. āœ… Log the operation with full context
6. āœ… Monitor for unusual patterns or behaviors

---

šŸ”’ **Remember**: When in doubt, err on the side of caution and seek human approval for sensitive operations.

**AIM-Intelligence MCP Safety Guidelines v1.0**`;

      return {
        content: [
          {
            type: 'text',
            text: safetyInstructions,
          },
        ],
      };
    }
  • src/tools/aiSafetyGuard.ts:8-24 (schema)
    Zod schema defining the input parameters for the tool: mcp_type, operation_type, and sensitivity_level with enums and defaults.
    {
  mcp_type: z
    .enum(['email', 'slack', 'database', 'file', 'web', 'general'])
    .optional()
    .default('general')
    .describe('Type of MCP the AI Agent is about to call'),
  operation_type: z
    .enum(['read', 'write', 'execute', 'delete', 'send', 'query'])
    .optional()
    .default('read')
    .describe('Type of operation being requested'),
  sensitivity_level: z
    .enum(['public', 'internal', 'confidential', 'restricted'])
    .optional()
    .default('internal')
    .describe('Sensitivity level of the data/operation'),
},
  • src/tools/index.ts:2-10 (registration)
    Imports and calls registerAiSafetyGuard as part of registering all tools.
    import { registerAiSafetyGuard } from './aiSafetyGuard.js';
import { registerTextGuard } from './textGuard.js';
import { registerSecurityPromptTool } from './securityPromptTool.js';
import { registerPromptInjectionDetector } from './promptInjectionDetector.js';
import { registerCredentialScanner } from './credentialScanner.js';
import { registerUrlSecurityValidator } from './urlSecurityValidator.js';

export function registerAllTools(server: McpServer) {
  registerAiSafetyGuard(server);

Tool Definition Quality

Score is being calculated. Check back soon.

Install Server

Other Tools

Related Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/AIM-Intelligence/AIM-MCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server