Drop-in defense against shell injection attacks in MCP stdio servers. Wraps child_process.exec and spawn with an allowlist registry, sandbox profiles (strict/standard/permissive with cgroup-v2 support), and replay detection. Ships three pieces: guardExec/guardSpawn functions you call from your own server, an AST audit CLI (mcp-shellguard-audit) that scans TypeScript/JavaScript for 12 anti-patterns from template literal injection to missing timeouts, and a reference server with 8 tools. Built after the Ox-Security disclosure of 200k vulnerable MCP servers. Reach for this if you're building MCP tools that shell out to git, docker, or system commands and want defense in depth before user input hits exec.
claude mcp add --transport stdio io.studiomeyer-stdio-shellguard uvx stdio-shellguard