Releases: teehooai/spidershield

v1.0 — GitHub Marketplace Release

27 Mar 05:28

SpiderShield v1.0

First Marketplace release of the SpiderShield GitHub Action.

Features

  • Static security analysis for MCP servers (tool poisoning, prompt injection, SSRF, etc.)
  • Trust Registry lookup via SpiderRating API (grade + score + verdict)
  • PR gate — fail CI if score below threshold or grade worse than specified
  • Auto PR comment with scan results and badge
  • Badge URL output for README embedding

Usage

- uses: teehooai/spidershield@v1
  with:
    fail-on: D

Free for all public repositories.

v0.3.2

14 Mar 03:57

Changes

  • Add scoring_spec module (required by spiderrating rating engine)
  • Fix 23 bugs across core modules (deep code review)
  • Add 5 scanner bug fixes + 10 regression tests
  • P4 scanner hardening: 5 new patterns, return_docs scorer, 65 new tests

Install

pip install spidershield==0.3.2

v0.3.0 — SpiderShield: unified static + runtime security

10 Mar 01:06

What's New

SpiderShield — the unified open-source MCP security toolkit (renamed from TeeShield).

Static Analysis (from TeeShield)

  • Security pattern scanner (15 error + 11 warning codes)
  • Tool description quality scoring
  • Architecture & license checks
  • SARIF output for GitHub Code Scanning

Runtime Guard (NEW)

  • RuntimeGuard with before_call / after_call pipeline
  • Three-decision model: ALLOW / DENY / ESCALATE
  • DLP engine: PII (6 types + Luhn), Secrets (12 types), Prompt Injection (11 patterns)
  • Policy presets: strict / balanced / permissive
  • MCP stdio proxy for transparent interception
  • Audit logging with SQLite storage

Agent Security

  • Config auditing, skill scanning, toxic flow analysis
  • Content pinning (SHA-256 rug-pull detection)
  • Allowlist enforcement

pip install spidershield
spidershield scan <server-path>
spidershield guard --preset balanced -- <mcp-command>

v0.2.0 — Scoring Reliability Overhaul

09 Mar 02:52

What's New

Scoring Reliability

  • Semantic density multiplier — blocks keyword-stuffing attacks (previously scored 10.0, now 3.0)
  • Golden set calibration — 8 curated 10/10 descriptions as living benchmark
  • Discrimination gradient — verified monotonic: golden > good > mediocre > poor > empty

Quality Gate

  • Rewriter auto-rejects tautological rewrites ("Use when the user wants to X_Y")
  • Rewriter auto-rejects rewrites that don't improve score
  • Scenario triggers reduced from 18 templates to 2 universal patterns

Security Scanner

  • Eliminated 7 false positives across security patterns
  • TypeScript prototype pollution detection
  • SQL injection pattern improvements (Python + TypeScript)

Architecture Scoring

  • Gradual scoring for tests, error handling, and README (replaces binary pass/fail)
  • More accurate scores for real-world MCP servers

Test Suite

  • 52 tests: scanner (21) + rewriter (14) + golden calibration (17)
  • Anti-gaming regression tests
  • Quality gate end-to-end tests

Full changelog: v0.1.3...v0.2.0

TeeShield v0.1.4

08 Mar 15:39

  • MCP Server mode (stdio) for Glama integration
  • Dockerfile for containerized deployment
  • TypeScript tool extraction support
  • Clean PyPI release

TeeShield v0.1.3

08 Mar 09:51

What's New

  • MCP Server mode: TeeShield now runs as an MCP server, exposing scan_mcp_server tool via stdio protocol
  • Dockerfile: Ready for containerized deployment and Glama listing
  • teeshield-server entry point for direct MCP server launch

Install

pip install teeshield

Run as MCP Server

{
  "mcpServers": {
    "teeshield": {
      "command": "teeshield-server"
    }
  }
}

Docker

docker build -t teeshield .
docker run -i teeshield

v0.1.1

08 Mar 07:26

Fixes

  • Fix Windows cp1252 encoding crash in teeshield harden (emoji character)
  • Fix --help showing garbled characters (em-dash in docstrings)
  • Replace all remaining Unicode special characters with ASCII equivalents
  • Update LICENSE copyright from AgentShield to TeeShield
  • Update batch-scan-results.json references to teeshield
  • Add MCP Security Report and shields.io badges to README
  • Add Threat Model section to README

TeeShield v0.1.0

08 Mar 06:21

TeeShield v0.1.0 — Initial Release

Security scanner for MCP tools. Scan, rate, and improve AI agent skill descriptions.

Features

  • teeshield scan — 4-stage scan (license, security, descriptions, architecture)
  • teeshield rewrite — Improve tool descriptions (template-based or Claude API)
  • teeshield harden — Security recommendations
  • GitHub Action for CI integration
  • Supports Python and TypeScript MCP servers

Install

pip install teeshield