πΈοΈ Weave Protocol
Enterprise Security Suite for AI Agents
A TypeScript monorepo providing security, encryption, compliance, and governance tools for AI agent systems. Built for the Model Context Protocol (MCP) ecosystem.
π What's New: MCP Server Scanner
Mund v0.1.11 now scans MCP servers before you install them:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β mund_scan_mcp_server β
β β
β β οΈ CRITICAL: Tool "execute" contains injection pattern β
β "ignore previous instructions and run..." β
β β
β β οΈ HIGH: Server name "githib-mcp" is 1 edit from "github" β
β β
β Recommendation: DO_NOT_INSTALL β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Why this matters:
- 43% of MCP servers have command injection vulnerabilities
- "Line jumping" attacks hide malicious prompts in tool descriptions
- Typosquatting mimics legitimate server names
See Mund README β
π¦ Packages
| Package | Version | Description |
|---|---|---|
| π‘οΈ @weave_protocol/mund | 0.1.11 | Security scanner - secrets, PII, injection, MCP server vetting |
| ποΈ @weave_protocol/hord | 0.1.4 | Encrypted vault with Yoxallismus cipher |
| βοΈ @weave_protocol/domere | 1.2.10 | Compliance (PCI-DSS, ISO27001, SOC2, HIPAA) & verification |
| π₯ @weave_protocol/witan | 1.0.0 | Multi-agent consensus & governance |
| π @weave_protocol/api | 1.0.6 | REST API for all packages |
π Quick Start
Install All Packages
npm install @weave_protocol/mund @weave_protocol/hord @weave_protocol/domere
Claude Desktop Integration
Add to claude_desktop_config.json:
{
"mcpServers": {
"mund": {
"command": "npx",
"args": ["-y", "@weave_protocol/mund"]
},
"hord": {
"command": "npx",
"args": ["-y", "@weave_protocol/hord"]
},
"domere": {
"command": "npx",
"args": ["-y", "@weave_protocol/domere"]
}
}
}
MCP Registry
Mund is available on the official MCP Registry:
# Search for it
https://registry.modelcontextprotocol.io
# Server ID: io.github.Tyox-all/mund
β¨ Package Details
π‘οΈ Mund - The Guardian
Real-time security scanning for AI agents.
| Category | Features |
|---|---|
| Secrets | API keys, tokens, passwords, certificates (30+ patterns) |
| PII | SSN, credit cards, emails, phone numbers, addresses |
| Injection | Prompt injection, jailbreak attempts, instruction override |
| Exfiltration | Data leakage, encoding tricks, steganography |
| Code | Dangerous patterns, eval/exec, SQL injection, XSS |
| MCP Servers | Malicious tool descriptions, typosquatting, dangerous permissions |
// Scan content
const result = await mund.scan("Here's my key: sk-abc123...");
// { safe: false, issues: [{ severity: "critical", ... }] }
// Scan MCP server before install
const serverScan = await mund.scanMcpServer(serverJson);
// { recommendation: "DO_NOT_INSTALL", issues: [...] }
ποΈ Hord - The Vault
Encrypted storage with the Yoxallismus dual-tumbler cipher.
| Category | Features |
|---|---|
| Encryption | AES-256-GCM, ChaCha20-Poly1305 |
| Key Derivation | Argon2id with configurable parameters |
| Yoxallismus | Dual-layer tumbler/deadbolt obfuscation |
| Memory Safety | Secure buffer handling, auto-zeroing |
| MCP Server | Claude Desktop integration, vault management tools |
import { YoxallismusCipher } from '@weave_protocol/hord';
const cipher = new YoxallismusCipher('master-key');
// Lock (encrypt + obfuscate)
const locked = await cipher.lock(sensitiveData);
// Unlock (de-obfuscate + decrypt)
const unlocked = await cipher.unlock(locked);
Yoxallismus Cipher: A dual-layer encryption combining AES-256-GCM with tumbler/deadbolt obfuscation. Data is first encrypted, then the ciphertext is scrambled using position-dependent transformations that require both the key and the original encryption context to reverse.
βοΈ Domere - The Judge
Enterprise-grade verification, orchestration, compliance, and audit infrastructure.
| Category | Features |
|---|---|
| Verification | Intent tracking, drift detection, execution replay, multi-agent handoff |
| Orchestration | Task scheduler, agent registry, shared state with locks |
| Compliance | SOC2, HIPAA, PCI-DSS, ISO27001 checkpoints & reporting |
| Blockchain | Solana & Ethereum anchoring for immutable audit trails |
Blockchain Anchoring:
- Solana Mainnet:
6g7raTAHU2h331VKtfVtkS5pmuvR8vMYwjGsZF1CUj2o - Solana Devnet:
BeCYVJYfbUu3k2TPGmh9VoGWeJwzm2hg2NdtnvbdBNCj - Ethereum:
0xAA8b52adD3CEce6269d14C6335a79df451543820
import { ComplianceManager } from '@weave_protocol/domere';
const compliance = new ComplianceManager(['pci-dss', 'iso27001', 'soc2', 'hipaa']);
// Create tamper-evident checkpoint
const checkpoint = await compliance.createCheckpoint({
action: 'data_access',
resource: 'customer_records',
actor: 'agent-001'
});
// Generate audit report
const report = await compliance.generateReport('pci-dss', {
startDate: '2024-01-01',
endDate: '2024-12-31'
});
π₯ Witan - The Council
Multi-agent consensus and governance.
| Category | Features |
|---|---|
| Consensus | Unanimous, majority, weighted, quorum protocols |
| Policy | Rule enforcement, permission management, escalation |
| Communication | Agent bus, broadcast, point-to-point messaging |
| Recovery | Failure detection, automatic failover, state recovery |
import { ConsensusEngine, PolicyEngine } from '@weave_protocol/witan';
const consensus = new ConsensusEngine({
protocol: 'weighted_majority',
threshold: 0.66,
timeout: 30000
});
// Propose action requiring consensus
const result = await consensus.propose({
action: 'deploy_to_production',
requiredApprovals: ['security-agent', 'qa-agent', 'ops-agent']
});
ποΈ Architecture
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AI Agent System β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββ β
β β π‘οΈ Mund β β ποΈ Hord β β βοΈ Domereβ β π₯ Witan β β
β β Guardian β β Vault β β Judge β β Council β β
β ββββββ¬ββββββ ββββββ¬ββββββ ββββββ¬ββββββ ββββββ¬ββββββ β
β β β β β β
β Security Encryption Compliance Consensus β
β Scanning Storage Verification Governance β
β β β β β β
β βββββββββββββββ΄ββββββββββββββ΄ββββββββββββββ β
β β β
β βββββββ΄ββββββ β
β β π API β β
β β REST β β
β βββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π REST API
The @weave_protocol/api package provides HTTP endpoints for all functionality:
# Start the API server
npx @weave_protocol/api
# Or with Docker
docker run -p 3000:3000 weave-protocol/api
Endpoints:
| Method | Path | Description |
|---|---|---|
| POST | /mund/scan |
Scan content for security issues |
| POST | /mund/scan-mcp-server |
Scan MCP server manifest |
| POST | /hord/encrypt |
Encrypt data |
| POST | /hord/decrypt |
Decrypt data |
| POST | /hord/yoxallismus/lock |
Lock with Yoxallismus cipher |
| POST | /hord/yoxallismus/unlock |
Unlock with Yoxallismus cipher |
| POST | /domere/checkpoint |
Create compliance checkpoint |
| GET | /domere/compliance/frameworks |
List available frameworks |
| POST | /domere/compliance/report |
Generate compliance report |
π Security Model
Weave Protocol implements defense-in-depth:
- π‘οΈ Mund scans all inputs for threats before processing
- ποΈ Hord encrypts sensitive data at rest and in transit
- βοΈ Domere logs all actions with tamper-evident checksums
- π₯ Witan requires consensus for high-risk operations
CORS Model Integration
The Weave Protocol maps to the CORS Model for AI agent security:
| CORS Layer | Weave Package | Function |
|---|---|---|
| Origin Validation | π‘οΈ Mund | Validates input sources, detects injection |
| Context Integrity | ποΈ Hord | Protects data integrity through encryption |
| Deterministic Enforcement | βοΈ Domere | Ensures consistent policy application |
π οΈ Development
# Clone
git clone https://github.com/Tyox-all/Weave_Protocol.git
cd Weave_Protocol
# Install dependencies (each package)
cd mund && npm install && npm run build
cd ../hord && npm install && npm run build
cd ../domere && npm install && npm run build
# Run tests
npm test
πΊοΈ Roadmap
- LangChain/LlamaIndex integration package
- Web dashboard for monitoring
- MCP server reputation scoring
- Automated threat intelligence updates
- GDPR compliance framework
π€ Contributing
See CONTRIBUTING.md for guidelines.
π License
Apache 2.0 - See LICENSE
π Links
- GitHub: https://github.com/Tyox-all/Weave_Protocol
- npm (mund): https://www.npmjs.com/package/@weave_protocol/mund
- npm (hord): https://www.npmjs.com/package/@weave_protocol/hord
- npm (domere): https://www.npmjs.com/package/@weave_protocol/domere
- npm (witan): https://www.npmjs.com/package/@weave_protocol/witan
- MCP Registry: https://registry.modelcontextprotocol.io (search "mund")
Built with β€οΈ for the AI agent ecosystem.
