brandguard
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@brandguardscan brand 'Acme' for typosquats"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
brandguard š”ļø
Brand impersonation & typosquat monitor for AI agents and brand owners.
Feed brandguard a brand or product name and it scans npm, PyPI and GitHub for packages and repos that typosquat or impersonate you ā each risk-scored ā plus a ready-to-review takedown / trademark-notice draft.
brandguard reports from public sources. It does not file claims on anyone's behalf and is not a law firm or your agent. The takedown notice is a draft for the rights-holder to review, complete and file themselves.
Live: https://brandguard.djrorrok.workers.dev
Why an agent can't do this alone (the moat)
An LLM coding/brand agent, on its own, doesn't know:
the typosquat surface of a name (omissions, doubling, homoglyphs
oā0 lā1, deceptive-js/-sdk/-officialaffixes);which listings across three registries actually exist right now;
how to separate the real brand / legit integrations (own npm scope, high adoption, third-party org scopes like
@types/*) from parked squats ā without crying wolf.
brandguard does the cross-registry lookups and the calibrated scoring so the
verdict is trustworthy: LIKELY_ABUSE is only raised with a signal beyond
the name match (a "this is the official X" claim, or a parked-squat download
pattern). Bare name matches are SUSPECT ā human review, never a false accusation.
Related MCP server: DepShield MCP
Use it
Free HTTP API
GET /scan?brand=acme&official=acme-inc # top 5 findings, risk-scored (npm + PyPI)MCP (over HTTP)
POST /mcp ā tools: scan_brand, draft_takedown.
Pay-per-call (x402) ā full scan + takedown drafts
GET /pro/scan?brand=acme&official=acme-inc # 402 -> pay $0.15 USDC (Base) -> full report + draftsSettles in USDC on Base via x402. No sign-up, no API key.
Sources (all public / ToS-compliant)
npm public registry search + downloads API
PyPI JSON API
GitHub Search API (server-side token)
Develop / deploy
node src/test.mjs # unit + live tests
npx wrangler deploy # Cloudflare WorkerMIT. Not legal advice.
This server cannot be installed
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Baneado98/brandguard'
If you have feedback or need assistance with the MCP directory API, please join our Discord server