Add config-guard — MCP security linter #1756

Open
KGT24k wants to merge 2 commits into analysis-tools-dev:master from KGT24k:add-config-guard

KGT24k commented Mar 2, 2026

Add config-guard

Why this belongs here

config-guard is a static analysis tool that scans MCP configuration files (JSON/YAML) for security issues:

  • 54 security checks mapped to the OWASP MCP Top 10
  • Detects 56 known malicious MCP packages and 28 CVEs
  • Typosquat detection via Levenshtein distance matching
  • Identifies leaked secrets and API keys in configs
  • Enforces security policies via policy-as-code (YAML/JSON rules)
  • Outputs SARIF v2.1.0 for CI/CD integration (GitHub Actions template included)
  • Zero dependencies (Python stdlib only)

Member

mre commented Mar 17, 2026

Thanks for the submission. config-guard has 2 stars and was created in late February 2026, so it doesn't meet our minimums for stars (20+) or project age (3+ months) yet.

We'll keep this open -- come back once the project has had more time to grow.

@github-actions

Contributing criteria check

[FAIL] config-guard

Source: https://github.com/KGT24k/mcp-config-guard

| Criterion | Result |
|---|---|
| Stars (min 20) | fail: 2 stars (minimum is 20) |
| Contributors (min 2) | fail: 1 contributor(s) (minimum is 2) |
| Age (min 3 months) | fail: created 22 days ago, needs 68 more days to meet the 3-month minimum |

One or more tools do not meet the contributing criteria yet. We will keep this PR open. Feel free to update it once the thresholds are met.
