Description
Hi team,
Great project — wrapping offensive security tools (nmap, sqlmap, nuclei, etc.) as MCP servers is exactly where the ecosystem needs to go. I've been using the collection and it's well put together.
One gap I've been thinking about: these are powerful tools exposed via MCP, which means any connected AI agent can invoke them. In production, that's a risk — an agent could run an nmap scan against an unauthorized target, or trigger sqlmap against a production database it shouldn't touch.
I built AgentWard (https://github.com/agentward-ai/agentward), an open-source permission control plane that scans and enforces policies on MCP tool calls. It would sit as a middleware layer in front of mcp-for-security servers and enforce rules like:
- Only allow nmap scans against whitelisted IP ranges
- Block sqlmap execution unless the target is in an approved scope
- Require explicit approval for any destructive operation
- Audit log every tool invocation with full parameters
I'd like to propose a collaboration:
- I'll write an integration guide showing how to deploy AgentWard in front of mcp-for-security
- We add it to the README as a recommended security layer
- Optionally, I can contribute a pre-configured AgentWard policy file specifically for mcp-for-security tools
The narrative writes itself: "Use AI agents for offensive security — but with guardrails."
I've attached a sample report from agentward scan for reference.
mcp-for-security-agentward-report.md
Happy to discuss or submit a PR. What do you think?
— Ratnaditya
https://agentward.ai | https://github.com/agentward-ai/agentward
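The four rules listed in the issue (allowlisted nmap ranges, sqlmap scope, approval for destructive operations, full-parameter audit logging) can be demonstrated with a small policy gate that decides each MCP tool call before it reaches the underlying tool. The following Python is an added illustration, not code from AgentWard or from mcp-for-security; the tool names, parameter names (`target`, `url`), the `db_dump` destructive tool and the network ranges are all assumptions constructed for the example. Unknown tools are denied by default, and hostnames passed to nmap are refused rather than resolved, so the CIDR check cannot be bypassed by DNS.

```python
# Added example: a minimal policy gate for MCP tool calls. Constructed for
# illustration; not AgentWard's code or API. Tool names, parameter names and
# network ranges below are assumptions.
import ipaddress
import json
from urllib.parse import urlparse

# Hypothetical policy. Scope values are constructed for the example.
POLICY = {
    "nmap": {"allowed_cidrs": ["10.20.0.0/16", "192.168.50.0/24"]},
    "sqlmap": {"approved_hosts": {"staging.example.test"}},
    # Hypothetical tool names treated as destructive: never run without a human decision.
    "destructive_tools": {"db_dump"},
}

AUDIT_LOG = []  # every decision, with the full call parameters


def _record(tool, params, decision, reason):
    # Serialize parameters so each log entry is self-describing and greppable.
    AUDIT_LOG.append({
        "tool": tool,
        "params": json.dumps(params, sort_keys=True),
        "decision": decision,
        "reason": reason,
    })
    return decision, reason


def _in_allowed_cidr(target, cidrs):
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        return False  # hostnames are refused: no DNS resolution inside a policy check
    return any(ip in ipaddress.ip_network(c) for c in cidrs)


def _host_of(target):
    # Accept either a full URL or a bare host; compare hosts case-insensitively.
    parsed = urlparse(target if "://" in target else "//" + target)
    return (parsed.hostname or "").lower()


def evaluate_call(tool, params):
    """Decide one MCP tool call. Returns (decision, reason) where decision is
    'allow', 'deny' or 'needs_approval'. Tools without a policy are denied."""
    if tool in POLICY["destructive_tools"]:
        return _record(tool, params, "needs_approval",
                       "destructive tool requires explicit approval")
    if tool == "nmap":
        target = str(params.get("target", ""))
        if _in_allowed_cidr(target, POLICY["nmap"]["allowed_cidrs"]):
            return _record(tool, params, "allow", "target inside allowlisted range")
        return _record(tool, params, "deny",
                       "target outside allowlisted ranges or not an IP literal")
    if tool == "sqlmap":
        host = _host_of(str(params.get("url", "")))
        if host in POLICY["sqlmap"]["approved_hosts"]:
            return _record(tool, params, "allow", "target host in approved scope")
        return _record(tool, params, "deny", "target host not in approved scope")
    return _record(tool, params, "deny", "no policy for tool; default deny")


if __name__ == "__main__":
    calls = [
        ("nmap", {"target": "10.20.3.4", "args": "-sV"}),
        ("nmap", {"target": "203.0.113.9"}),
        ("sqlmap", {"url": "https://staging.example.test/login?id=1"}),
        ("db_dump", {"table": "users"}),
    ]
    for tool, params in calls:
        print(tool, evaluate_call(tool, params))
    print(json.dumps(AUDIT_LOG, indent=1))
```

In a real deployment the gate would sit between the agent's MCP client and the tool server, and the `needs_approval` branch would hand the call to a human reviewer instead of returning; the audit entries would go to an append-only sink rather than an in-memory list.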