Guardpost MCP Server
Allows integration with CrewAI by wrapping the guardpost CLI as a tool, enabling crew agents to scan and redact content.
Supports forwarding scan findings to Jira via webhook for automated issue creation and tracking.
Allows integration with LangChain by wrapping the guardpost CLI as a tool, enabling LangChain agents to scan and redact content.
Provides OpenAI-compatible output format, allowing any OpenAI-compatible client or LLM to consume guardpost scan results.
Supports forwarding scan findings to Slack via webhook for real-time alerts and notifications.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Guardpost MCP Serverscan demos/ for PII leaks"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
GUARDPOST
Runtime agent firewall โ PII redaction, rate limits, policy enforcement
AI Security & Governance โ securing LLMs, agents, and the MCP supply chain.
pip install cognis-guardpost
guardpost scan . # โ prioritized findings in seconds๐ Example output
Real, reproducible output from the tool โ runs offline:
$ guardpost-emit --version
guardpost 0.1.0$ guardpost-emit --help
usage: guardpost [-h] [--version] [--format {table,json}] <command> ...
Runtime agent firewall: PII redaction, policy enforcement, rate limits.
positional arguments:
<command>
scan scan text/file for PII & policy violations
options:
-h, --help show this help message and exit
--version show program's version number and exit
--format {table,json}
output format (default: table)Blocks above are real
guardpostoutput โ reproduce them from a clone.
Sample result format (illustrative values โ run on your own data for real findings):
{
"guardpost": {
"platform": "stix",
"findings": [
{
"id": "1234567890",
"name": "Suspicious Network Traffic",
"description": "Potential malicious activity detected on network 192.168.1.100",
"created_by": "John Doe",
"created_at": "2023-02-20T14:30:00Z"
},
{
"id": "2345678901",
"name": "Malware Detection",
"description": "Virus detected on system with IP address 10.0.0.1",
"created_by": "Jane Smith",
"created_at": "2023-02-21T16:45:00Z"
}
]
}
}Related MCP server: guardrails-mcp-server
Usage โ step by step
Install (Python 3.9+):
pip install guardpostScan a file (or stdin) for PII and policy violations; redaction is on by default:
guardpost scan request.txt cat prompt.txt | guardpost scan -Tighten the policy: use the strict preset, ban terms, set a rate limit, or tag the principal for audit:
guardpost scan request.txt --strict --rate-limit 60 --principal svc-bot \ --ban "internal-secret" --ban "api_key"Read the output: the table shows ALLOWED/BLOCKED, the findings (severity/category/kind/excerpt) and the sanitized text. The process exits
2when traffic is BLOCKED,0when ALLOWED โ wire that into a pipeline.Emit machine-readable findings for a gateway / CI:
cat prompt.txt | guardpost scan - --strict --format json
Contents
Why guardpost? ยท Features ยท Quick start ยท Example ยท Architecture ยท AI stack ยท How it compares ยท Integrations ยท Install anywhere ยท Related ยท Contributing
Why guardpost?
Runtime agent firewall โ PII redaction, rate limits, policy enforcement โ without standing up heavyweight infrastructure.
guardpost is single-purpose, scriptable, and self-hostable: point it at a target, get prioritized results in the format your workflow already speaks (table ยท JSON ยท SARIF), gate CI on it, and let agents drive it over MCP.
Features
โ Scan Pii
โ Redact
โ Scan Policy
โ Fingerprint
โ Guard
โ Runs on Linux/macOS/Windows ยท Docker ยท devcontainer
โ Ports in Python, JavaScript, Go, and Rust (
ports/)
Quick start
pip install cognis-guardpost
guardpost --version
guardpost scan . # scan current project
guardpost scan . --format json # machine-readable
guardpost scan . --fail-on high # CI gate (non-zero exit)Example
$ guardpost scan .
[HIGH ] GUA-001 example finding (./src/app.py)
[MEDIUM ] GUA-002 another signal (./config.yaml)
2 findings ยท risk score 5 ยท 38msArchitecture
flowchart LR
IN[agent / A2A traffic] --> P[guardpost<br/>map + analyze]
P --> OUT[graph + flags]Use it from any AI stack
guardpost is interoperable with every popular way of using AI:
MCP server โ
guardpost mcp(Claude Desktop, Cursor, Cognis.Studio, uncensored-fleet)OpenAI-compatible / JSON โ pipe
guardpost scan . --format jsoninto any agent or LLMLangChain ยท CrewAI ยท AutoGen ยท LlamaIndex โ wrap the CLI/JSON as a tool in one line
CI / scripts โ exit codes + SARIF for non-AI pipelines
How it compares
Cognis guardpost | protectai | |
Self-hostable, no account | โ | varies |
Single command, zero config | โ | โ ๏ธ |
JSON + SARIF for CI | โ | varies |
MCP-native (AI agents) | โ | โ |
Polyglot ports (JS/Go/Rust) | โ | โ |
Open license | โ COCL | varies |
Built in the spirit of protectai/llm-guard, re-framed the Cognis way. Missing a credit? Open a PR.
Integrations
Pipes into your stack: SARIF for code-scanning, JSON for anything, an MCP server (guardpost mcp) for AI agents, and a webhook forwarder for SIEM/Slack/Jira. See docs/INTEGRATIONS.md.
Install โ every way, every platform
pip install "git+https://github.com/cognis-digital/guardpost.git" # pip (works today)
pipx install "git+https://github.com/cognis-digital/guardpost.git" # isolated CLI
uv tool install "git+https://github.com/cognis-digital/guardpost.git" # uv
pip install cognis-guardpost # PyPI (when published)
docker run --rm ghcr.io/cognis-digital/guardpost:latest --help # Docker
brew install cognis-digital/tap/guardpost # Homebrew tap
curl -fsSL https://raw.githubusercontent.com/cognis-digital/guardpost/main/install.sh | shLinux | macOS | Windows | Docker | Cloud |
|
|
|
| DEPLOY.md (AWS/Azure/GCP/k8s) |
Related Cognis tools
aegisโ AI Agent Permission & Access Auditor โ surfaces the lethal trifecta of credentials + injection + reachpromptmirrorโ Prompt-injection & indirect-injection scanner for any LLM context inputledgermindโ Local LLM cost & token forensics proxy with anomaly detectionadversaโ LLM red-team harness โ OWASP LLM Top 10 + MITRE ATLAS attack packshallumarkโ LLM hallucination & grounding auditor for RAG systemsaicardโ Auto-generated NIST AI RMF / EU AI Act Annex IV model & system cards
Explore the suite โ ๐๏ธ all 170+ tools ยท โญ awesome-cognis ยท ๐ cognis-sources ยท ๐ค uncensored-fleet ยท ๐ง engram
Contributing
PRs, new rules, and demo scenarios are welcome under the collaboration-pull model โ see CONTRIBUTING.md and SECURITY.md.
โญ If
guardpostsaved you time, star it โ it genuinely helps others find it.
Interoperability
{} composes with the 300+ tool Cognis suite โ JSON in/out and a shared
OpenAI-compatible /v1 backbone. See INTEROP.md for the
suite map, composition patterns, and reference stacks.
License
Source-available under the Cognis Open Collaboration License (COCL) v1.0 โ free for personal, internal-evaluation, research, and educational use; commercial / production use requires a license (licensing@cognis.digital). See LICENSE.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/cognis-digital/guardpost'
If you have feedback or need assistance with the MCP directory API, please join our Discord server