efij

efij / secure-claude-code

Public

Security guardrails for Claude Code, MCP tools, and Claude cowork workflows. Local-first modular YARA-style guard packs for secrets, exfiltration, prompt injection, MCP abuse, and risky agent actions.

github.comefijsecure-claude-code agent-security ai-security claude claude-code claude-cowork
104
0
100% credibility
Found Mar 31, 2026 at 104 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Shell
AI Summary

Runwall adds safety layers to AI coding tools to block leaks, bad commands, and sneaky tricks during your work.

How It Works

1
🔍 Discover Runwall

You hear about Runwall while using an AI coding helper and want to keep your secrets safe and commands secure.

2
📥 Get it set up

Download and install Runwall on your computer with a simple one-click process.

3
🛡️ Check your safety

Run a quick scan of your coding project to see risks like hidden dangers or weak spots.

4
⚙️ Pick your protection level

Choose a comfort level like balanced for everyday use or strict for extra caution.

5
🚀 Start coding with AI

Turn on your AI coding assistant and watch Runwall quietly guard your work in real time.

6
See it protect you

Runwall blocks risky moves, warns about sneaky issues, and keeps your project safe as you build.

🎉 Code securely every day

Enjoy faster, worry-free AI coding with strong built-in safety that grows with you.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 104 to 104 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is secure-claude-code?

Runwall delivers runtime security guardrails for Claude Code, MCP tools, and AI coding workflows like Cursor or Windsurf, blocking secrets leakage, prompt injection, exfiltration, and risky agent actions through shell hooks and an inline MCP gateway. Built in Shell with modular YARA-style guard packs, it scans configs for vulnerabilities, enforces outbound policies, and redacts suspicious tool responses—all local-first for claude secure code review without cloud dependencies. Users get CLI tools like `runwall audit .` for github security scanning and `runwall gateway serve` for real-time MCP interception.

Why is it gaining traction?

Unlike generic LLM guardrails, it targets coding agents specifically, integrating as plugins for Claude Code or config generators for Cursor/Windsurf, with profiles (minimal/balanced/strict) that balance security and speed. Developers notice instant wins like pre-push scans in security github actions and runtime blocks on cloud key creation or prod shell access, making security guardrails for ai practical amid rising mcp security guardrails needs. Its transparency—logs, dashboards, and exportable incidents—beats opaque enterprise tools.

Who should use this?

Solo devs or startups running Claude Code/Cursor for daily coding, needing llm guardrails security github against prompt injection or secret leaks. Security engineers auditing github security projects or teams enforcing security guardrails aws/azure/gcp in AI workflows. DevSecOps folks gating MCP abuse in shared repos via github security policy scans.

Verdict

Grab it if you're deep in Claude Code—104 stars show early buzz, but 1.0% credibility score flags immaturity; solid docs and bootstrap ease onboarding, though expect tuning false positives. Strong start for security guardrails meaning in AI coding, worth prototyping over waiting for polished alternatives.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.