RedCupIT/claude-defense-kit

 
 


Claude Defense Kit

Claude Code is powerful—but with great power comes great attack surface. If Claude gets prompt-injected, what can an attacker access? Your SSH keys? AWS credentials? Database connections? Claude Defense Kit scans your installation, shows you the blast radius, and lets you lock it down with one click.

Quick Start

Until we publish to npm, run locally:

git clone https://github.com/gobeyondidentity/claude-defense-kit.git
cd claude-defense-kit
npm install
npm run build
npm start

This starts an interactive web app at http://localhost:3847 that:

  • Scans your Claude Code configuration for security issues
  • Shows severity-based findings (High/Medium/Low)
  • Enables one-click remediation of each issue

Installation

Once published to npm, you'll be able to run:

# Run directly (no install required)
npx claude-defense-kit

# Or install globally
npm install -g claude-defense-kit

Usage

# Start the interactive web dashboard
claude-defense-kit

Options

--no-open     Don't open browser automatically (start server only)
--port <n>    Port to run the server on (default: 3847)
--verbose     Show detailed scan progress
--help        Display help
--version     Display version

What It Scans

Claude Code Detection

  • Detects Claude Code installation and version
  • Parses configuration files from ~/.claude/
  • Tracks installation integrity via file hashing

MCP Server Analysis

  • Enumerates configured MCP servers
  • Identifies tools/capabilities each server exposes
  • Categorizes risk level (critical/high/medium/low)
  • Detects changes to MCP server scripts

Credential Exposure

  • Scans for sensitive files Claude Code can access:
    • SSH keys (~/.ssh/)
    • Cloud credentials (~/.aws/, ~/.config/gcloud/, ~/.azure/)
    • Environment files (.env, .env.local, etc.)
    • Git credentials (~/.gitconfig, .git-credentials, .netrc)
    • Package manager tokens (~/.npmrc, ~/.pypirc)

Capability Analysis

  • Shell command execution (Bash tool)
  • Network request capabilities (WebFetch)
  • File read/write permissions
  • Package installation permissions

Remediation

The tool modifies your Claude Code settings to:

  • Deny access to sensitive file paths
  • Disable risky MCP servers
  • Block dangerous bash commands (curl, wget, nc, ssh, scp)
  • Configure sandbox settings
  • Disable specific tools (Bash, Write, Edit, WebFetch)

All changes can be undone with the "Undo" button.
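
As an illustration of the deny rules described above, the following added example (not code from this project) checks a settings object for home-directory credential paths and risky commands that no deny rule covers. It assumes rules live in `permissions.deny` as `Read(<path>)`, `Bash(<command>:*)` or a bare tool name; the function names and the simplified prefix matcher are hypothetical, not Claude Code's own matching logic.

```javascript
// Added example: audit a Claude Code settings object for missing deny rules.
// Paths and commands are the ones this README lists; the matcher is simplified.
const SENSITIVE_PATHS = [
  "~/.ssh/", "~/.aws/", "~/.config/gcloud/", "~/.azure/",
  "~/.gitconfig", "~/.git-credentials", "~/.netrc", "~/.npmrc", "~/.pypirc",
];
const RISKY_COMMANDS = ["curl", "wget", "nc", "ssh", "scp"];

// Assumed layout: { permissions: { deny: ["Read(~/.ssh/**)", "Bash(curl:*)", "Bash"] } }
function denyList(settings) {
  const deny = settings && settings.permissions && settings.permissions.deny;
  return Array.isArray(deny) ? deny.filter((r) => typeof r === "string") : [];
}

// Arguments of every deny rule written as Tool(argument).
function denyArgs(settings, tool) {
  const open = tool + "(";
  return denyList(settings)
    .filter((r) => r.startsWith(open) && r.endsWith(")"))
    .map((r) => r.slice(open.length, -1));
}

// Reduce "~/.ssh/**", "~/.ssh/*" or "~/.ssh/" to the bare path "~/.ssh".
function basePath(pattern) {
  return pattern.replace(/\/?\*+$/, "").replace(/\/+$/, "");
}

// Sensitive paths with no Read deny rule on the path or a parent directory.
function uncoveredPaths(settings) {
  const bases = denyArgs(settings, "Read").map(basePath);
  return SENSITIVE_PATHS.filter((p) => {
    const target = basePath(p);
    return !bases.some((b) => target === b || target.startsWith(b + "/"));
  });
}

// Risky commands still runnable: Bash not denied outright and no per-command rule.
function unblockedCommands(settings) {
  if (denyList(settings).includes("Bash")) return [];
  const blocked = denyArgs(settings, "Bash").map((a) => a.trim().split(/[:\s]/)[0]);
  return RISKY_COMMANDS.filter((c) => !blocked.includes(c));
}

// Constructed sample settings, not taken from a real installation.
const sample = { permissions: { deny: [
  "Read(~/.ssh/**)", "Read(~/.aws/**)", "Read(~/.npmrc)", "Bash(curl:*)", "Bash(wget:*)",
] } };
console.log({ paths: uncoveredPaths(sample), commands: unblockedCommands(sample) });
```

Project-relative files such as `.env` are left out because their location depends on the working directory.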

Privacy

This tool runs entirely locally. No data is uploaded or sent anywhere.

Supported Platforms

  • macOS
  • Linux
  • Windows

Development

npm install
npm run build
npm start        # Opens http://localhost:3847

# Or run without building
npm run dev

Requires Node.js 18+.

License

MIT

About

Security scanner for Claude Code - see what's at risk if your AI agent is compromised, with one-click fixes

Languages

  • TypeScript 98.1%
  • Rust 1.4%
  • Other 0.5%