goklab/guardvibe
by Various
Security MCP for vibe coding. 390 rules, 36 tools, CLI + doctor. Host security, auth coverage mapping, LLM-powered deep scan (IDOR/business logic), taint analysis for Next.js, Supa
MCP
Added 1 June 2026
Overview
Guardvibe is a security MCP tool for 'vibe coding' with 390 rules and 36 tools. It provides host security, auth coverage mapping, and LLM-powered deep scan for IDOR and business logic flaws. It includes taint analysis for frameworks like Next.js, Supabase, Clerk, Stripe, Prisma, Drizzle, Hono, GraphQL, AI SDK, and MCP.
Best for
Developers building AI-native applications who want automated security scanning
Use cases
- Scan for security vulnerabilities in AI-native stacks
- Map authentication coverage and identify gaps
- Perform LLM-driven deep scan for business logic flaws
Notes
1 star on GitHub. Last updated 2026-05-30. Licensed Apache-2.0.
Pros
- Comprehensive set of 390 security rules covering many frameworks
- Includes LLM-powered analysis for complex vulnerabilities like IDOR
- Provides CLI and doctor mode for integration
Cons
- Very new project with limited adoption (only 1 star)
- May require significant setup for custom projects
- Relies on an LLM, which can be inconsistent or costly
Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.
Pairs with
Other entries in the index that connect to this one.
Claude Code
Anthropic
Anthropic's terminal-native coding agent. Reads your repo, edits files, runs tests, ships PRs.
Cursor
Anysphere
The AI-first code editor. Tab to autocomplete, Composer to multi-file refactor, Agents for the long-running stuff.
Cline
Cline
Open-source autonomous coding agent that lives inside VS Code. BYO model key, watch it work.