Built for developers shipping AI-generated code fast. Exposes 36 MCP tools including scan_code, fix_code, and audit_codebase across 422 security rules targeting the actual stacks AI agents generate: Next.js Server Actions, Supabase RLS policies, Clerk auth flows, tRPC endpoints, Stripe integrations. The fix_code tool returns structured patches AI agents can apply mechanically, migrating hardcoded credentials to env vars, stripping dangerous CORS wildcards, removing sandbox bypass flags. Runs entirely local with no API keys required. Daily threat intel pipeline tracks GHSA and CISA KEV for CVE version detection across 60 packages. Includes guardvibe doctor to audit your AI host environment and pre-commit hooks to block insecure commits before they land.
claude mcp add --transport stdio goklab-guardvibe uvx guardvibe