From d8becc676b76ef42a22b3f7c25e5250bef30e6ee Mon Sep 17 00:00:00 2001 From: Tim-Marsden Date: Thu, 30 Apr 2026 17:21:37 +1200 Subject: [PATCH 1/2] Add Arai to Security --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 55f255c0..db110a5c 100644 --- a/README.md +++ b/README.md @@ -2154,6 +2154,7 @@ Tools for conducting research, surveys, interviews, and data collection. - [zboralski/ida-headless-mcp](https://github.com/zboralski/ida-headless-mcp) 🏎️ 🐍 🏠 🍎 🪟 🐧 - Headless IDA Pro binary analysis via MCP. Multi-session concurrency with Go orchestration and Python workers. Supports Il2CppDumper and Blutter metadata import for Unity and Flutter reverse engineering. - [zinja-coder/apktool-mcp-server](https://github.com/zinja-coder/apktool-mcp-server) 🐍 🏠 - APKTool MCP Server is a MCP server for the Apk Tool to provide automation in reverse engineering of Android APKs. - [takleb3rry/zitadel-mcp](https://github.com/takleb3rry/zitadel-mcp) 📇 ☁️ 🏠 - MCP server for Zitadel identity management — manage users, projects, OIDC apps, roles, and service accounts through natural language. +- [taniwhaai/arai](https://github.com/taniwhaai/arai) 🦀 🏠 🍎 🪟 🐧 - Policy enforcement for AI coding agents derived from existing instruction files (CLAUDE.md, .cursorrules, .windsurfrules, .github/copilot-instructions.md) — no separate YAML to maintain. Rules with prohibitive predicates (`never`, `forbids`, `must_not`) emit `permissionDecision: deny` to block tool calls in Claude Code; advisory rules inject context. PostToolUse is correlated with PreToolUse to produce per-rule obeyed/ignored compliance verdicts in a local JSONL audit log. MCP tools — `arai_add_guard` (register rules mid-session), `arai_list_guards`, `arai_recent_decisions` — work in any MCP client (Claude Desktop, Cursor, Windsurf, Cline). No network on the hook hot path; opt-out anonymous telemetry. - [toan203/osv-ui](https://github.com/toan203/osv-ui) [![toan203/osv-ui MCP server](https://glama.ai/mcp/servers/toan203/osv-ui/badges/score.svg)](https://glama.ai/mcp/servers/toan203/osv-ui) 📇 🏠 🍎 🪟 🐧 - Visual CVE audit dashboard for npm, Python, Go, and Rust. Scan from Claude/Cursor, opens a browser UI for human review (human-in-the-loop), applies fixes with explicit confirmation. Powered by OSV.dev. - [ScopeBlind/verify-mcp](https://github.com/ScopeBlind/verify-mcp) [![ScopeBlind/verify-mcp MCP server](https://glama.ai/mcp/servers/ScopeBlind/verify-mcp/badges/score.svg)](https://glama.ai/mcp/servers/ScopeBlind/verify-mcp) 📇 🏠 🍎 🪟 🐧 - Offline verification of signed artifacts -- receipts, manifests, audit bundles. Ed25519 + JCS. No accounts, no API calls. Apache-2.0. - [zinja-coder/jadx-ai-mcp](https://github.com/zinja-coder/jadx-ai-mcp) ☕ 🏠 - JADX-AI-MCP is a plugin and MCP Server for the JADX decompiler that integrates directly with Model Context Protocol (MCP) to provide live reverse engineering support with LLMs like Claude. From fafcc8b2e45229bfa9f8c578954961e7a5ecac98 Mon Sep 17 00:00:00 2001 From: Tim-Marsden Date: Fri, 1 May 2026 07:59:53 +1200 Subject: [PATCH 2/2] Add Glama score badge to taniwhaai/arai entry Per the awesome-mcp-servers listing-requirements bot: the badge links the entry to the Glama listing where the MCP server has been configured with a Dockerfile and verified to start + respond to introspection. Format matches the surrounding entries (toan203/osv-ui, ScopeBlind/verify-mcp). --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index db110a5c..ae5c7167 100644 --- a/README.md +++ b/README.md @@ -2154,7 +2154,7 @@ Tools for conducting research, surveys, interviews, and data collection. - [zboralski/ida-headless-mcp](https://github.com/zboralski/ida-headless-mcp) 🏎️ 🐍 🏠 🍎 🪟 🐧 - Headless IDA Pro binary analysis via MCP. Multi-session concurrency with Go orchestration and Python workers. Supports Il2CppDumper and Blutter metadata import for Unity and Flutter reverse engineering. - [zinja-coder/apktool-mcp-server](https://github.com/zinja-coder/apktool-mcp-server) 🐍 🏠 - APKTool MCP Server is a MCP server for the Apk Tool to provide automation in reverse engineering of Android APKs. - [takleb3rry/zitadel-mcp](https://github.com/takleb3rry/zitadel-mcp) 📇 ☁️ 🏠 - MCP server for Zitadel identity management — manage users, projects, OIDC apps, roles, and service accounts through natural language. -- [taniwhaai/arai](https://github.com/taniwhaai/arai) 🦀 🏠 🍎 🪟 🐧 - Policy enforcement for AI coding agents derived from existing instruction files (CLAUDE.md, .cursorrules, .windsurfrules, .github/copilot-instructions.md) — no separate YAML to maintain. Rules with prohibitive predicates (`never`, `forbids`, `must_not`) emit `permissionDecision: deny` to block tool calls in Claude Code; advisory rules inject context. PostToolUse is correlated with PreToolUse to produce per-rule obeyed/ignored compliance verdicts in a local JSONL audit log. MCP tools — `arai_add_guard` (register rules mid-session), `arai_list_guards`, `arai_recent_decisions` — work in any MCP client (Claude Desktop, Cursor, Windsurf, Cline). No network on the hook hot path; opt-out anonymous telemetry. +- [taniwhaai/arai](https://github.com/taniwhaai/arai) [![taniwhaai/arai MCP server](https://glama.ai/mcp/servers/taniwhaai/arai/badges/score.svg)](https://glama.ai/mcp/servers/taniwhaai/arai) 🦀 🏠 🍎 🪟 🐧 - Policy enforcement for AI coding agents derived from existing instruction files (CLAUDE.md, .cursorrules, .windsurfrules, .github/copilot-instructions.md) — no separate YAML to maintain. Rules with prohibitive predicates (`never`, `forbids`, `must_not`) emit `permissionDecision: deny` to block tool calls in Claude Code; advisory rules inject context. PostToolUse is correlated with PreToolUse to produce per-rule obeyed/ignored compliance verdicts in a local JSONL audit log. MCP tools — `arai_add_guard` (register rules mid-session), `arai_list_guards`, `arai_recent_decisions` — work in any MCP client (Claude Desktop, Cursor, Windsurf, Cline). No network on the hook hot path; opt-out anonymous telemetry. - [toan203/osv-ui](https://github.com/toan203/osv-ui) [![toan203/osv-ui MCP server](https://glama.ai/mcp/servers/toan203/osv-ui/badges/score.svg)](https://glama.ai/mcp/servers/toan203/osv-ui) 📇 🏠 🍎 🪟 🐧 - Visual CVE audit dashboard for npm, Python, Go, and Rust. Scan from Claude/Cursor, opens a browser UI for human review (human-in-the-loop), applies fixes with explicit confirmation. Powered by OSV.dev. - [ScopeBlind/verify-mcp](https://github.com/ScopeBlind/verify-mcp) [![ScopeBlind/verify-mcp MCP server](https://glama.ai/mcp/servers/ScopeBlind/verify-mcp/badges/score.svg)](https://glama.ai/mcp/servers/ScopeBlind/verify-mcp) 📇 🏠 🍎 🪟 🐧 - Offline verification of signed artifacts -- receipts, manifests, audit bundles. Ed25519 + JCS. No accounts, no API calls. Apache-2.0. - [zinja-coder/jadx-ai-mcp](https://github.com/zinja-coder/jadx-ai-mcp) ☕ 🏠 - JADX-AI-MCP is a plugin and MCP Server for the JADX decompiler that integrates directly with Model Context Protocol (MCP) to provide live reverse engineering support with LLMs like Claude.