If you're exposing shell commands, file system access, or email tools to an AI agent, this gives you seven security checks to wrap around those calls. It scans for prompt injection patterns across 32 rules in English and Chinese, detects PII like SSNs and API keys in tool outputs without redacting them, blocks dangerous commands like rm -rf or reverse shells, and stops data exfiltration chains where the agent reads sensitive data then tries to email or curl it externally. Works as a standalone MCP server over stdio or as an SDK you can embed in any agent framework. The data loss prevention model lets PII flow internally but blocks outbound sends when sensitive data was recently accessed.
claude mcp add --transport stdio jnmetacode-shellward uvx shellward