TenantGuard

RudrenduPaul/TenantGuard
★ 0 stars Go Security Updated today
CLI security scanner and MCP server for self-hosted multi-tenant AI-agent platforms. 16 fail-closed OPA/Rego rules catch tenant-isolation defects (sandbox scoping, SSRF, cross-tenant cron/auth, secret leakage). SARIF, JSON, and MCP output for CI and AI agents.
View on GitHub → 🔍 Audit Wallet Slippage →

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "tenantguard": {
      "command": "go",
      "args": [
        "run",
        "github.com/RudrenduPaul/TenantGuard@latest"
      ]
    }
  }
}

README Excerpt

**Find the tenant-isolation gap in your self-hosted, multi-tenant AI-agent platform before an auditor, or an attacker, does.** ``` npm install -g tenantguard ``` This is the recommended install today. The top-level `tenantguard` npm package now publishes; it pulls in the matching platform binary as an npm `optionalDependency` (cosign-verified at publish time, so there's no separate verification step for you) and puts a `tenantguard` command on your `PATH`.

Tools (3)

controlformattarget

Topics

agentic-aiai-agent-securitycli-toolcompliancedevsecopsgithub-actionsgomcpmodel-context-protocolmulti-tenantopapolicy-as-coderegosarifsecurity-scanner