mcp-guard 0.1.0
·
34 commits
to main
since this release
b919f2d
This commit was signed with the committer’s verified signature.
First release of mcp-guard — a Roslyn analyzer that catches prompt-injection and tool-poisoning in C# MCP servers' tool descriptions at build time, before they ship.
Rules
- MCPG001 — prompt-injection / instruction-style phrasing in an MCP tool, parameter, or tool-type
[Description](e.g. "ignore previous instructions", "do not tell the user", "before answering, …"). - MCPG002 — hidden / non-printable Unicode (zero-width spaces, bidirectional controls, byte-order marks, tag characters) in MCP tool descriptions.
Install
<PackageReference Include="McpGuard.Analyzers" Version="0.1.0" PrivateAssets="all" />netstandard2.0 analyzer; loads on the .NET 8 and .NET 10 build hosts. Surfaces as IDE squiggles and build warnings, configurable per rule via .editorconfig. See the README and docs/rules/ for details.