aegis-ai
by hwandam77
Overview
Orchestrates multiple AI models (Codex, Qwen, Gemini) via the JSON-RPC 2.0-based Model Context Protocol (MCP), focusing on a Test-Driven Development (TDD) workflow.
Installation
node src/index.js
Security Notes
The AI service wrappers (CodexService, QwenService, GeminiService) execute external CLI commands using `child_process.spawn` with `shell: true`. The `prompt` parameter, which can originate from external JSON-RPC requests, is passed directly as an argument within this shell command. This creates a significant shell injection vulnerability unless the `prompt` string is rigorously validated or sanitized before execution. The provided code shows no explicit sanitization.
Similar Servers
archestra
A platform for securely deploying, orchestrating, and managing Model Context Protocol (MCP) servers and their AI-powered tools within an enterprise environment.
mcpproxy-go
MCPProxy super-charges AI agents with intelligent tool discovery, massive token savings, and built-in security quarantine against malicious Model Context Protocol (MCP) servers.
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.
deepsecure
Provides a zero-trust security control plane for AI agents, enabling cryptographic identity, authenticated ephemeral credentials, fine-grained policy enforcement, secret injection, and secure delegation for AI agent-to-agent interactions.