#supply-chain

Pre-install risk gate for npm packages. Stops AI coding agents from running malicious or typosquatted packages before lifecycle scripts run.

A reference implementation of the SchemaPin protocol for cryptographically signing and verifying AI agent tool schemas to prevent supply-chain attacks.

TEOS MCP is an MCP server that performs real-time diff-level security scanning for AI agents and CI/CD pipelines. It analyzes code diffs before merge or deployment and returns a deterministic gate decision: ALLOW WARN BLOCK Built for: • AI agents • Autonomous systems • DevSecOps teams • CI/CD workflows Features: • Diff risk scoring • Deterministic merge gate • Real-time enforcement • Usage-based monetization (pay-per-scan) • Optional on-chain verification Unlike gateway filters, TEOS MCP performs code-level intelligence before execution.

Open-source MCP server for logistics. Runs inside your security perimeter — connects to TMS, ERP, email, and documents. Gives AI agents deep context about shipments, carriers, rates, and routes without data leaving your infrastructure.

Scan MCP servers for security risks before your AI agent trusts them. Detects prompt injection, supply chain attacks (including the LiteLLM 1.82.7/1.82.8 backdoor), excessive permissions, arbitrary code execution, typosquatting, and tool shadowing. Add to your .mcp.json and let your agent audit its own tools with tooltrust_scan_config.