N/A
mcpguards/mcp-lock
MCP servers are installed via npx -y @scope/package — which silently downloads the latest version every time your AI tool starts, with no integrity check. mcp-lock fixes this by recording exact tarball hashes on first run and detecting any changes on every run after that — the same guarantee npm ci gives you for Node.js projects.
Scan Scheduled
This agent is queued for security scanning. It will be graded in the next scan batch.
What We Know
- URL https://github.com/mcpguards/mcp-lock
- Framework mcp
- Sources glama
- First Seen Apr 18, 2026
- Repository github.com/mcpguards/mcp-lock
Browse more:
Search all agents
Ecosystem Report