Is io.github.dingdawg/dingdawg-governance safe to use?

io.github.dingdawg/dingdawg-governance has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.dingdawg/dingdawg-governance?

io.github.dingdawg/dingdawg-governance can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with io.github.dingdawg/dingdawg-governance?

io.github.dingdawg/dingdawg-governance is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is io.github.dingdawg/dingdawg-governance actively maintained?

io.github.dingdawg/dingdawg-governance is actively maintained — last commit was 4 days ago. It has 1 GitHub stars.

io.github.dingdawg/dingdawg-governance

Universal governance layer for AI agents. MCP-native, fail-closed, audit proofs and rollback.

1 0 tools GitHub

No known CVEs

No license

Actively maintained

Last commit 4d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-dingdawg-dingdawg-governance": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-dingdawg-dingdawg-governance)](https://mcppedia.org/s/io-github-dingdawg-dingdawg-governance)

Read me

What io.github.dingdawg/dingdawg-governance does

Every AI action receipted. Capability-gated. Rollback-ready.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

36/100across 5 weighted dimensions

How we score →

0255075100

−64

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.dingdawg/dingdawg-governance safe to use?: io.github.dingdawg/dingdawg-governance has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.dingdawg/dingdawg-governance?: io.github.dingdawg/dingdawg-governance can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.dingdawg/dingdawg-governance?: io.github.dingdawg/dingdawg-governance is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is io.github.dingdawg/dingdawg-governance actively maintained?: io.github.dingdawg/dingdawg-governance is actively maintained — last commit was 4 days ago. It has 1 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for io.github.dingdawg/dingdawg-governance and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-dingdawg-dingdawg-governance": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-dingdawg-dingdawg-governance)](https://mcppedia.org/s/io-github-dingdawg-dingdawg-governance)

Read me

What io.github.dingdawg/dingdawg-governance does

Every AI action receipted. Capability-gated. Rollback-ready.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

DingDawg Governance

Every AI action receipted. Capability-gated. Rollback-ready.

AI Governance-as-a-Service via MCP. Every write, shell command, and state-changing operation your agent makes is validated before it runs and cryptographically receipted after it completes — giving you a tamper-evident audit trail you can query, export, or roll back at any time.

Works with Claude Code, Codex, Cursor, Windsurf, and any MCP-compatible agent.

Install

npm install dingdawg-governance

Quick Start

# Authenticate (free — no credit card)
npx dingdawg-governance auth login

# Start the governance MCP server
DINGDAWG_API_KEY=your_key npx dingdawg-governance

Add to your MCP client config:

{
  "mcpServers": {
    "dingdawg-governance": {
      "command": "npx",
      "args": ["dingdawg-governance"],
      "env": {
        "DINGDAWG_API_KEY": "your_key_here"
      }
    }
  }
}

Get your free API key at app.dingdawg.com/settings/api.

What You Get

Pre-execution validation — Every action checked against your policy before it runs. Blocked actions never touch your filesystem.
Cryptographic receipts — Tamper-evident record for every action with a unique ID, output hash, and public verification URL.
One-command rollback — Undo any file write by referencing its receipt ID. Prior state is captured automatically before every write.
Real-time trust scores — Behavioral pattern tracking across sessions surfaces anomalies before they become incidents.
Compliance reports in seconds — SOC 2 and ISO 27001-aligned audit reports as signed PDF or structured JSON. One API call.

MCP Tools

Tool	What it does
`validate_action`	Pre-execution check. Returns `APPROVED`, `FLAGGED`, or `BLOCKED` with reason code and risk score.
`generate_receipt`	Post-execution cryptographic receipt with tamper-evident output hash.
`capture_rollback_state`	Snapshot current state before destructive or high-risk operations.
`rollback_action`	Restore prior state from a receipt ID.
`query_receipts`	Search receipts by date, agent, action type, or status. Export-ready.
`check_status`	Current tier, daily usage, quota, and active governance alerts.
`generate_audit_report`	On-demand compliance report — SOC 2, ISO 27001, or custom policy framework.

Plans

Plan	Governed actions/day	Rollback window	Audit reports
Free	200	—	—
Pro — $29/mo	10,000	30 days	Unlimited
Business — $149/mo	Unlimited	90 days	Compliance PDF

No credit card to start. Full pricing: dingdawg.com/governance#pricing

Documentation

Full docs at dingdawg.com/governance/docs

Contributing

Issues and pull requests welcome. See CONTRIBUTING.md.

github.com/dingdawg/governance-mcp

Built by DingDawg — Trust layer for the agentic internet.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

36/100across 5 weighted dimensions

How we score →

0255075100

−64

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.dingdawg/dingdawg-governance safe to use?: io.github.dingdawg/dingdawg-governance has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.dingdawg/dingdawg-governance?: io.github.dingdawg/dingdawg-governance can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.dingdawg/dingdawg-governance?: io.github.dingdawg/dingdawg-governance is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is io.github.dingdawg/dingdawg-governance actively maintained?: io.github.dingdawg/dingdawg-governance is actively maintained — last commit was 4 days ago. It has 1 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for io.github.dingdawg/dingdawg-governance and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?