AI-Infra-Guard MCP Server

Overview

A.I.G (AI‑Infra‑Guard) is a comprehensive MCP server designed to bring AI red‑teaming capabilities into the developer workflow. It solves a critical problem for teams that build, deploy, or maintain AI systems: the lack of an integrated, automated platform to audit both the underlying infrastructure and the AI models themselves for security vulnerabilities. By exposing MCP endpoints that perform deep scans of AI frameworks, MCP servers, and prompt logic, A.I.G enables developers to identify weaknesses early—before they can be exploited in production.

The server offers three core security lenses. First, the AI Infra Scan probes over 30 popular AI frameworks—including Ollama, ComfyUI, and vLLM—and checks nearly 400 known CVEs. This gives teams a clear picture of the risk profile of every component they depend on. Second, the MCP Server Scan uses an AI agent to analyze source code or remote URLs for nine major categories of MCP‑specific threats, such as insecure endpoint exposure or improper authentication. Third, the Jailbreak Evaluation module evaluates prompt safety by running curated jailbreak datasets against multiple models, providing a cross‑model comparison of how robust each prompt is. Together these layers deliver end‑to‑end visibility into the security posture of an AI stack.

A.I.G’s value lies in its developer‑centric integration. The MCP server exposes a simple set of resources, tools, and prompts that any Claude or other AI assistant can call. A developer can trigger a full infra scan, retrieve detailed vulnerability reports, or ask the assistant to suggest mitigation steps—all within the same conversational context. The web UI further lowers the barrier, offering one‑click scans, real‑time progress updates, and comprehensive analysis reports that can be shared across teams.

Real‑world use cases include continuous integration pipelines where every code commit is automatically scanned for new MCP risks, security teams performing routine audits of AI deployments in cloud environments, and compliance officers verifying that prompt engineering practices meet regulatory standards. Because A.I.G supports both Chinese and English interfaces, it is especially useful in multinational organizations that need localized documentation without sacrificing feature parity.

What sets A.I.G apart is its holistic coverage and AI‑driven insights. Unlike traditional vulnerability scanners that focus solely on software binaries, A.I.G blends infrastructure checks with model‑level analysis and jailbreak testing. Its AI agent for MCP scanning can adapt to new threat patterns without manual rule updates, ensuring that the platform evolves alongside emerging attack vectors. This makes A.I.G a powerful ally for developers who want to embed robust security checks into every stage of the AI lifecycle.