Aperion Shield
@AperionAI
Local guardrail proxy for AI coding agents. Wraps any MCP server (stdio or Streamable HTTP) and blocks destructive tool calls — DROP TABLE, rm -rf, force-push — before they execute. TOFU catalog pinning against rug pulls, plus tool-poisoning and result-injection scanning. Single
概要
What is Aperion Shield?
Aperion Shield is a local MCP guardrail that sits between AI coding agents (e.g., Cursor, Claude Code) and real MCP servers, evaluating 50+ adaptive safety rules on every tools/call. It blocks, prompts for approval, or warns on actions across eight destructive surfaces: SQL, git, filesystem, secrets exfiltration, supply-chain RCE, reverse shells, privilege escalation, cloud, Kubernetes, and Docker. Since v0.9 it also inspects tool catalogs for rug pulls and tool results for prompt injection.
How to use Aperion Shield?
Install the binary (GitHub releases or Docker), configure it as your IDE’s MCP server, and run it as a local proxy. Use --scan <path|url|npm> to audit an MCP server before wiring it in, or --sandbox to confine upstream processes at the OS level. Shell shims for high-blast-radius CLIs are installed with --install-shims. Decision transparency is available via --explain.
Key features of Aperion Shield
- 50+ adaptive safety rules across eight destructive surfaces, plus optional 40-rule community pack
- TOFU catalog pinning with rug-pull detection on tool definitions
- Pre-install audit (
--scan) with static, npm vulnerability, and live catalog checks