From a733a411af5af7b15a0348577659daac3abab2fb Mon Sep 17 00:00:00 2001 From: Rul1an Date: Sun, 14 Jun 2026 08:46:13 +0200 Subject: [PATCH] Add Rul1an/assay to Security Policy-as-code gate for MCP: a fail-closed proxy that denies risky tool calls before they run, emits offline-verifiable evidence bundles, and enforces IPv4/TCP egress in-kernel via eBPF/LSM and Landlock on Linux. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 242010380..c3d8bc753 100644 --- a/README.md +++ b/README.md @@ -2544,6 +2544,7 @@ Tools for conducting research, surveys, interviews, and data collection. - [radareorg/r2mcp](https://github.com/radareorg/radare2-mcp) 🍎πŸͺŸπŸ§πŸ πŸŒŠ - MCP server for Radare2 disassembler. Provides AI with capability to disassemble and look into binaries for reverse engineering. - [rev2ret/SecureAudit-MCP](https://github.com/rev2ret/SecureAudit-MCP) [![rev2ret/SecureAudit-MCP MCP server](https://glama.ai/mcp/servers/rev2ret/SecureAudit-MCP/badges/score.svg)](https://glama.ai/mcp/servers/rev2ret/SecureAudit-MCP) πŸ“‡ 🏠 🍎 πŸͺŸ 🐧 - Model Context Protocol (MCP) server for static C/C++ memory-safety scanning and compiled PE/ELF binary protections auditing (ASLR, DEP/NX, SafeSEH, PIE) with secure templates remediation. - [roadwy/cve-search_mcp](https://github.com/roadwy/cve-search_mcp) 🐍 🏠 - A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs. +- [Rul1an/assay](https://github.com/Rul1an/assay) πŸ¦€ 🏠 🍎 πŸͺŸ 🐧 - Policy-as-code gate for MCP. A fail-closed proxy that denies risky tool calls before they run, produces offline-verifiable evidence bundles of what executed, and enforces IPv4/TCP egress in-kernel via eBPF/LSM and Landlock on Linux. Deterministic and offline-first. - [safedep/vet](https://github.com/safedep/vet/blob/main/docs/mcp.md) πŸŽ–οΈ 🏎️ ☁️ 🍎 πŸͺŸ 🐧 - vet-mcp checks open source packagesβ€”like those suggested by AI coding toolsβ€”for vulnerabilities and malicious code. It supports npm and PyPI, and runs locally via Docker or as a standalone binary for fast, automated vetting. - [samvas-codes/dawshund_mcp](https://github.com/samvas-codes/dawshund_mcp) ☁️ 🏠 - An MCP server based on dAWShund to enumerate AWS IAM data, analyze effective permissions, and visualize access relationships across users, roles, and resources. Built for cloud security engineers who want fast, easy and effective insights into AWS identity risk. - [sanyambassi/ciphertrust-manager-mcp-server](https://github.com/sanyambassi/ciphertrust-manager-mcp-server) 🐍 ☁️ 🏠 🐧 πŸͺŸ - MCP server for Thales CipherTrust Manager integration, enabling secure key management, cryptographic operations, and compliance monitoring through AI assistants.