From 69f15579e3c9eb1c74c4b09cc8ce488ec3149fe7 Mon Sep 17 00:00:00 2001
From: scottbitbot2502 <scott@langsmart.ai>
Date: Sat, 16 May 2026 10:28:18 -0500
Subject: [PATCH] Add aperion-shield under Agent Runtime Security & Sandboxing

Apache-2.0 Rust MCP gateway, v0.5.0 released 2026-05-09.
Fits neighbor entries (claude-code-safety-net, leash, vibekit) but
operates at the MCP transport layer instead of wrapping a single
coding agent. Validated false-positive rate published in the README
and reproducible via the bundled corpus.
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 4fe1699..9a5213a 100644
--- a/README.md
+++ b/README.md
@@ -229,6 +229,7 @@ If you want to contribute, create a PR or contact me [@ottosulin](https://mastod
 * [nanoclaw](https://github.com/qwibitai/nanoclaw) - _Lightweight alternative to OpenClaw that runs in containers for security. Connects to WhatsApp, has memory, scheduled jobs, and runs directly on Anthropic's Agents SDK. First AI assistant to support Agent Swarms for collaborative agent teams._
 * [secureclaw](https://github.com/adversa-ai/secureclaw) - _Automated security hardening for OpenClaw AI agents by Adversa AI. 51 audit checks, 12 behavioral rules, 9 scripts, 4 pattern databases. Full OWASP ASI Top 10 coverage. Protects against prompt injection, credential theft, supply chain attacks, and privacy leaks._
 * [defenseclaw](https://github.com/cisco-ai-defense/defenseclaw) - _Enterprise governance layer for OpenClaw from Cisco AI Defense. Scans skills, MCP servers, and plugins with built-in CodeGuard SAST, tool call inspection engine, LLM guardrail proxy, and SIEM integration. Auto-blocks HIGH/CRITICAL findings._
+* [aperion-shield](https://github.com/AperionAI/shield) - _Apache-2.0 Rust MCP gateway that wraps any MCP server and blocks destructive agent operations (DROP DATABASE, rm -rf, force-push, credential exfiltration, dangerous SQL UPDATEs) before they reach the upstream tool. Adaptive scoring across five signals (rule severity, workspace context probe, decision memory, burst detector, composite score) targets low false-positive rate — 98.4% pass-through measured against 13,000 real Cursor agent commands. Single binary; integrates via stdio without SDK changes to the agent._
 
 ### MCP Security
 * [MCP-Security-Checklist](https://github.com/slowmist/MCP-Security-Checklist) - _A comprehensive security checklist for MCP-based AI tools. Built by SlowMist to safeguard LLM plugin ecosystems._