Guardian FAQs

Question 1

What kind of information do GuardianMCP reports provide?

Accepted Answer

GuardianMCP generates detailed security reports that include remediation guidance, links to relevant CVEs (Common Vulnerabilities and Exposures), and highlights issues based on CRITICAL and HIGH severity levels. You can choose between full, summary, or critical-high-only scan modes.

Question 2

Can GuardianMCP automatically scan my project for vulnerabilities?

Accepted Answer

Yes, GuardianMCP supports auto-triggering scans based on IDE rules. You can configure it to scan dependencies automatically during events like package installs (npm, Composer), code commits, or project startup, providing real-time alerts for critical issues.

Question 3

What is GuardianMCP and how does it work?

Accepted Answer

GuardianMCP is an MCP (Model Context Protocol) server that automatically scans your project's npm and Composer dependencies for known security vulnerabilities. It leverages the OSV.dev database to provide real-time alerts and detailed reports directly within your IDE.

Question 4

Which IDEs are compatible with GuardianMCP?

Accepted Answer

GuardianMCP seamlessly integrates with Cursor, VS Code, Claude Desktop, Windsurf, Zed (experimental), and any other IDEs that support the Model Context Protocol (MCP). It also offers flexible Docker deployment options.

Question 5

How does GuardianMCP ensure its own security?

Accepted Answer

GuardianMCP is designed with security in mind, boasting 0 vulnerabilities and minimal dependencies as verified by regular security audits. It uses the latest Node.js LTS and undergoes weekly dependency checks to maintain a secure posture.

Guardian

Guardian

Key Features

Use Cases

Key Features

Use Cases