aperion-shield 1.0.0

Aperion Shield -- a local MCP guardrail for AI coding agents with optional biometric identity gates (ID.me). Standalone, free, open source.
shieldset:
  policy:
    composite_scoring:
      enabled: false
    workspace_probe:
      enabled: false
    decision_memory:
      enabled: false
    burst_detector:
      enabled: false

  rules:
    # Only the universal SQL guard exists. Writes to prod are still
    # allowed; the new "added" rule will catch them in the after-state.
    - id: sql.drop_database
      severity: Critical
      points: 6
      where: tool_call
      match:
        tool: [execute_sql]
        sql_matches: ['(?i)\bDROP\s+DATABASE\b']
      reason: "DROP DATABASE is never auto-allowed."
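
How the single rule in this shieldset behaves on tool calls, as an added example that is not Aperion Shield's own code. It is a minimal evaluator under assumed matching semantics (every key under `match` must hit, any one `sql_matches` pattern is enough), run over constructed events whose field names are hypothetical.

```python
import re

# Rule copied from the shieldset above; the dict layout mirrors the YAML keys.
RULE = {
    "id": "sql.drop_database",
    "severity": "Critical",
    "points": 6,
    "where": "tool_call",
    "match": {
        "tool": ["execute_sql"],
        "sql_matches": [r"(?i)\bDROP\s+DATABASE\b"],
    },
    "reason": "DROP DATABASE is never auto-allowed.",
}

def evaluate(rule, event):
    """Return a finding dict if the rule fires on the event, else None.

    Assumed semantics: every key under `match` must hit (AND), and any one
    pattern in `sql_matches` is enough (OR).
    """
    if event.get("where") != rule["where"]:
        return None
    match = rule["match"]
    if event.get("tool") not in match["tool"]:
        return None
    sql = event.get("sql", "")
    if not any(re.search(p, sql) for p in match["sql_matches"]):
        return None
    return {k: rule[k] for k in ("id", "severity", "points", "reason")}

# Constructed tool calls; the event field names are hypothetical.
SAMPLES = [
    {"where": "tool_call", "tool": "execute_sql", "sql": "DROP DATABASE prod;"},
    {"where": "tool_call", "tool": "execute_sql", "sql": "drop\n  database if exists prod"},
    {"where": "tool_call", "tool": "execute_sql", "sql": "UPDATE users SET plan = 'free'"},
    {"where": "tool_call", "tool": "execute_sql", "sql": "SELECT 'drop_database' AS note"},
    {"where": "tool_call", "tool": "read_file", "sql": "DROP DATABASE prod;"},
]

def run_samples():
    """Return the id of the rule that fired for each sample, or None."""
    return [(evaluate(RULE, e) or {}).get("id") for e in SAMPLES]

if __name__ == "__main__":
    for event, hit in zip(SAMPLES, run_samples()):
        print(f"{hit or 'no rule fired':<20} {event['tool']}: {event['sql']!r}")
```

The `UPDATE` passes with no finding, which is the gap the comment in the rules block describes: with only this rule loaded, writes are still allowed.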