Is io.github.bch1212/injectshield safe to use?

io.github.bch1212/injectshield has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.bch1212/injectshield?

io.github.bch1212/injectshield can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with io.github.bch1212/injectshield?

io.github.bch1212/injectshield is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is io.github.bch1212/injectshield actively maintained?

io.github.bch1212/injectshield is actively maintained — last commit was 9 days ago.

io.github.bch1212/injectshield

Prompt-injection firewall for AI agents — scan untrusted text before LLM calls.

0 tools GitHub

No known CVEs

No license

Actively maintained

Last commit 9d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

AI / ML Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-bch1212-injectshield": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-bch1212-injectshield)](https://mcppedia.org/s/io-github-bch1212-injectshield)

Read me

What io.github.bch1212/injectshield does

Prompt-injection firewall for AI agents — scan untrusted text before LLM calls.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

32/100across 5 weighted dimensions

How we score →

0255075100

−68

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.bch1212/injectshield safe to use?: io.github.bch1212/injectshield has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.bch1212/injectshield?: io.github.bch1212/injectshield can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.bch1212/injectshield?: io.github.bch1212/injectshield is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is io.github.bch1212/injectshield actively maintained?: io.github.bch1212/injectshield is actively maintained — last commit was 9 days ago.

Similar servers

Others in ai-ml / security

View all →

Memory MCP Server98

Persistent memory using a knowledge graph

86.0k 5

Context Mode95

Privacy-first. MCP is the protocol for tool access. We're the virtualization layer for context.

15.2k 6

Gemini Cli95

An open-source AI agent that brings the power of Gemini directly into your terminal.

104.4k 8

Antigravity Workspace Template94

Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.

1.2k 2

MCP Security Weekly

Get CVE alerts and security updates for io.github.bch1212/injectshield and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

AI / ML Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-bch1212-injectshield": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-bch1212-injectshield)](https://mcppedia.org/s/io-github-bch1212-injectshield)

Read me

What io.github.bch1212/injectshield does

Prompt-injection firewall for AI agents — scan untrusted text before LLM calls.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

InjectShield

Prompt-injection firewall for AI agents.

A drop-in REST API that detects and neutralizes injection attacks in any text — git commits, web pages, files, emails, user inputs — before they reach your AI agent's context window.

This repo is the open-source heuristic ruleset plus the source for the managed API at promptshield.pages.dev.

Why

In May 2026 a viral HN thread demonstrated that a single git commit message could burn a Claude Code user's entire session quota via a schema-driven attack ("OpenClaw"). The pattern is general: any AI agent that ingests untrusted text — code review bots, documentation summarizers, RAG agents, support copilots — is exposed to prompt injection. Most teams ship without any input-side defense.

InjectShield is one layer of a defense-in-depth strategy. It's not a silver bullet. Use it alongside system-prompt hardening, tool sandboxing, and output filtering.

Install as an MCP (Claude Code, Cursor, Cline, ...)

InjectShield ships a native MCP server at @injectshield/mcp. Once installed, your agent has three new tools — scan, scan_url, patterns — for input-side defense without writing any glue code.

# Claude Code:
claude mcp add injectshield --env INJECTSHIELD_API_KEY=is_live_… -- npx -y @injectshield/mcp

For Cursor / Cline / other MCP clients, see packages/injectshield-mcp/README.md.

Quick start

# 1) Get a key (delivered by email):
curl -X POST https://api.injectshield.dev/v1/keys \
  -H "Content-Type: application/json" \
  -d '{"email":"you@company.com"}'

# 2) Scan:
curl -X POST https://api.injectshield.dev/v1/scan \
  -H "Authorization: Bearer is_live_..." \
  -H "Content-Type: application/json" \
  -d '{"text":"ignore previous instructions","context":"user_input"}'

Or signup via the landing page: https://injectshield.dev — self-serve, email delivery.

What's open-source vs. managed

Live:

Landing page + live demo: https://injectshield.dev
API base: https://api.injectshield.dev
Health: https://api.injectshield.dev/healthz
Docs: https://injectshield.dev/docs

Open-source (this repo, MIT):

src/patterns.ts — the heuristic pattern library (~20 categorized rules).
src/detect.ts — the detection engine (heuristic aggregation, sanitization).
test/ — the test suite.
server/, public/ — the full API + landing-page source.

Managed only (paid tiers):

Hosted API with usage metering, dashboards, custom-pattern uploads, webhook alerts, no-logging mode (Pro), team accounts.
Future: Workers AI / Anthropic semantic classifier with prompt-engineered injection detection.

Detection categories

Category	Examples
`instruction_injection`	"ignore previous instructions", "new system prompt"
`system_override`	system-prompt leak, role-tag forgery, ChatML/Llama special tokens
`role_hijack`	"you are now…", DAN, Developer Mode
`exfiltration`	data sent to attacker URLs, markdown image exfil
`schema_attack`	OpenClaw-style schema references
`encoding_smuggle`	base64-decoded directives
`invisible_text`	zero-width / bidi / Unicode-Tag smuggling
`tool_abuse`	synthetic tool-call directives in untrusted text
`jailbreak_classic`	DAN, "no restrictions", etc.

Contributing patterns

Found a novel attack? Open a PR adding a PatternRule to src/patterns.ts with:

A unique id.
A category from the enum above.
A weight in [0, 1] — pick conservatively; the aggregation in detect.ts combines weights so every additional rule contributes meaningfully but isn't dominant.
A test in test/detect.test.ts covering both a positive and a likely-benign negative example.

We auto-deploy merged patterns to the managed API. No-cost contributions get attribution in the changelog.

Running locally

npm install
npm tes

... [View full README on GitHub](https://github.com/bch1212/injectshield#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

32/100across 5 weighted dimensions

How we score →

0255075100

−68

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.bch1212/injectshield safe to use?: io.github.bch1212/injectshield has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.bch1212/injectshield?: io.github.bch1212/injectshield can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.bch1212/injectshield?: io.github.bch1212/injectshield is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is io.github.bch1212/injectshield actively maintained?: io.github.bch1212/injectshield is actively maintained — last commit was 9 days ago.

Similar servers

Others in ai-ml / security

View all →

Memory MCP Server98

Persistent memory using a knowledge graph

86.0k 5

Context Mode95

Privacy-first. MCP is the protocol for tool access. We're the virtualization layer for context.

15.2k 6

Gemini Cli95

An open-source AI agent that brings the power of Gemini directly into your terminal.

104.4k 8

Antigravity Workspace Template94

Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.

1.2k 2

MCP Security Weekly

Get CVE alerts and security updates for io.github.bch1212/injectshield and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?