aidefend-mcp

Security Audit: Pass

Health: Pass
  • License — MIT
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 13 GitHub stars
Code: Pass
  • Code scan — Scanned 12 files during light audit, no dangerous patterns found
Permissions: Pass
  • Permissions — No dangerous permissions requested
Purpose: This tool is a local-first AI security assistant that syncs a defensive countermeasure library from GitHub, indexes it into a local database, and provides semantic search access via a REST API or an MCP server.

Security Assessment: Overall risk is Low. The tool safely parses JavaScript tactic files using an AST parser rather than executing the upstream framework code. No dangerous code patterns, hardcoded secrets, or excessive system permissions were found during the scan. The primary behavior to note is that it makes external network requests: it automatically syncs tactic files from an upstream GitHub repository and downloads a multilingual embedding model (which requires 2-3 GB of disk space). Because it runs a local FastAPI server and handles AI retrieval rather than sensitive user credentials, the data exposure risk is minimal.

Quality Assessment: The project is highly transparent and well-maintained. It uses a standard permissive MIT license and is very active, with its most recent code push happening today. The repository includes a CI/CD pipeline that features automated testing and Bandit security scanning, which shows a strong commitment to safe coding practices. While the community footprint is currently small (13 stars), the provided documentation is exceptionally thorough, offering multilingual instructions, clear installation paths for various clients, and detailed explanations of its internal workflows.

Verdict: Safe to use.

SUMMARY

AIDEFEND MCP is a local-first AI Security Defensive Assistant that brings the full AIDEFEND countermeasure library into your environment and turns static knowledge into actionable protection for LLMs and agentic AI systems — privately, securely, and on-device.

README.md

AIDEFEND MCP / REST API Service

Local retrieval service for the AIDEFEND framework.

This repository safely parses the framework's JavaScript tactics, builds a local LanceDB knowledge base, and exposes the result through:

  • a REST API for applications and automation
  • an MCP server for AI assistants such as Claude Desktop

This repository is not the framework itself. It is the service layer on top of the framework.

What You Get

  • Local semantic search over AIDEFEND content
  • REST API and MCP access from the same indexed knowledge base
  • Automatic sync from the upstream GitHub repository by default
  • Optional local framework override for contributors working on both repos
  • Multilingual embedding search with Xenova/multilingual-e5-base
  • Automated tests and Bandit security scanning in GitHub Actions

How It Works

  1. Sync AIDEFEND tactic files from GitHub.
  2. Parse the JavaScript files with a Node.js AST parser. The service does not execute upstream framework code.
  3. Expand tactics into techniques, sub-techniques, and strategies.
  4. Generate embeddings and store the documents in LanceDB.
  5. Serve the indexed data over REST or MCP.
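As an added illustration of step 2 (this is not the project's own Node.js AST parser), the toy parser below pulls the exported data object out of a JavaScript tactic module by parsing its object literal instead of loading or evaluating the file, so any side-effecting statements in the module never run on the indexing host. The tactic-file layout, field names and ids are constructed for the example and do not reproduce AIDEFEND's real schema.

```python
import re

# Tokenizer for strings, numbers, identifiers and object-literal punctuation; whitespace and
# line comments are skipped, and everything else (=, ., (, ), ;) is simply not tokenized.
_TOKEN = re.compile(r"\s+|//[^\n]*|(?P<str>'(?:[^'\\]|\\.)*'|\"(?:[^\"\\]|\\.)*\")"
                    r"|(?P<num>-?\d+(?:\.\d+)?)|(?P<word>[A-Za-z_$][\w$]*)|(?P<punct>[{}\[\]:,])")
class _ObjectLiteralParser:
    # Recursive-descent parser for a JS object literal: it builds data and never evaluates code.
    def __init__(self, toks, i): self.toks, self.i = toks, i
    def take(self, text=None):
        kind, tok = self.toks[self.i]
        if text is not None and tok != text: raise ValueError(f"expected {text!r}, got {tok!r}")
        self.i += 1
        return kind, tok
    def value(self):
        kind, tok = self.toks[self.i]
        if kind == "str": self.take(); return tok[1:-1]
        if kind == "num": self.take(); return float(tok) if "." in tok else int(tok)
        if tok == "{": return self.obj()
        if tok == "[": return self.arr()
        if tok in ("true", "false", "null"):
            self.take(); return {"true": True, "false": False, "null": None}[tok]
        raise ValueError(f"unsupported value {tok!r}")  # a call or expression is refused, not run
    def obj(self):
        self.take("{"); out = {}
        while self.toks[self.i][1] != "}":
            key = self.take()[1].strip("'\"")          # identifier or quoted key
            self.take(":"); out[key] = self.value()
            if self.toks[self.i][1] == ",": self.take()
        self.take("}"); return out
    def arr(self):
        self.take("["); out = []
        while self.toks[self.i][1] != "]":
            out.append(self.value())
            if self.toks[self.i][1] == ",": self.take()
        self.take("]"); return out
def extract_exported_object(src: str) -> dict:
    """Return the object literal assigned to module.exports without executing src."""
    toks = [(m.lastgroup, m.group()) for m in _TOKEN.finditer(src) if m.lastgroup]
    i = next(n for n, t in enumerate(toks) if t == ("word", "exports"))
    while toks[i][1] != "{": i += 1                   # skip to the literal after '='
    return _ObjectLiteralParser(toks, i).obj()

# Constructed tactic module (not AIDEFEND's real schema): a require()/eval() based loader would
# run the first line's side effects; the parser above only reads the exported data.
SAMPLE_TACTIC_JS = """
const os = require('os'); globalThis.leaked = os.userInfo();   // must never run on the indexer
module.exports = { id: 'AID-T-000', name: 'Example tactic',
  techniques: [{ id: 'AID-T-000.001', name: 'Example technique', strategies: ['log', 'block'] }],
};
"""
```

A value that is not a literal (a call, a template string, an arrow function) makes the parser raise instead of guessing, which is the behaviour you want from an indexer that ingests third-party repository content.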

Requirements

  • Python 3.9 to 3.13
  • Node.js 18+
  • Git
  • About 2 to 3 GB free disk space for dependencies, embedding model, and local database

Normal users do not need to configure any personal local path. The default setup syncs from GitHub.

Quick Start

1. Clone the repository

git clone https://github.com/edward-playground/aidefend-mcp.git
cd aidefend-mcp

2. Pick an installation path

Use case              Recommended command
Claude Desktop MCP    python scripts/install.py
Claude Code MCP       python scripts/install.py --client code
REST API only         python scripts/install.py --no-mcp
Manual setup          Follow INSTALL.md

3. Build the local knowledge base

python __main__.py --resync

The first sync downloads the framework and the embedding model and then creates the local database. Expect several minutes on a clean machine.

4. Run the service

REST API:

python __main__.py

MCP server:

python __main__.py --mcp

Health check:

curl http://127.0.0.1:8000/health

Manual Setup From a Fresh Clone

If you want a clean, explicit install path instead of the helper script:

python -m venv .venv

Activate the virtual environment.

Windows PowerShell:

.venv\Scripts\Activate.ps1

macOS/Linux:

source .venv/bin/activate

Install dependencies:

python -m pip install --upgrade pip
python -m pip install -r requirements.txt
npm ci

Create local config:

macOS/Linux:

cp .env.example .env

Windows PowerShell:

Copy-Item .env.example .env

Then run:

python __main__.py --resync
python __main__.py

Optional Local Framework Override

By default the service syncs from GitHub. If you are developing this repo alongside a local checkout of aidefense-framework, you can point the sync to your local source:

LOCAL_FRAMEWORK_PATH=/path/to/aidefense-framework

This is optional and should stay unset for normal open-source users.

Common Commands

# Rebuild the local database from the configured source
python __main__.py --resync

# Run the REST API
python __main__.py

# Run the MCP server
python __main__.py --mcp

# Run tests
python -m pytest -q

# Run static security scan
python -m bandit -q -r app

Docker

docker-compose up -d

When binding externally, authentication is required. See docs/CONFIGURATION.md.

Documentation

Repository Notes

  • data/, local caches, coverage output, and .env are ignored by git and are not required in the repository.
  • CI runs pytest and bandit automatically on pushes and pull requests.
  • The service has been validated against the updated AIDEFEND framework structure as of April 14, 2026.

License

MIT. See LICENSE.
