LimitGuard Trust Intelligence

7.0

Entity verification, sanctions screening, and trust scoring for AI agents.

streamable-httpai-ml security automation

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-limitguard-api-trust-intelligence": {
      "type": "streamable-http",
      "url": "https://api.limitguard.ai/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-limitguard-api-trust-intelligence": {
      "url": "https://api.limitguard.ai/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior4

Stability--

Findings (6)

high

network-access

Remote HTTP Endpoint Without Visible Authentication

Server operates as a remote HTTP endpoint (streamable-http) at https://api.limitguard.ai/mcp. Remote servers accept connections from the internet and introduce network exposure. No authentication mechanism is documented in the provided metadata.

high

excessive-scope

Broad Capability Claims Without Tool Visibility

Server claims to perform 'entity verification, sanctions screening, and trust scoring' - capabilities that could involve access to sensitive databases, personal information, and financial records. However, zero tools are exposed, making it impossible to audit actual capabilities or validate scope appropriateness.

medium

vague-description

Unclear Operational Scope and Data Handling

Description does not specify what data sources are queried, how entity verification works, which sanctions lists are used, or what 'trust scoring' entails. For a server handling sensitive compliance and verification tasks, this lack of specificity is concerning.

medium

credential-input

Potential for Sensitive Data Input

A server performing entity verification and sanctions screening would likely require names, addresses, financial identifiers, or other PII as input. No documentation provided on how such data is handled, encrypted, or protected.

low

info

Positive Trust Signals Present

Server has associated GitHub repository, website, and appears to have legitimate branding. These are positive indicators of legitimacy, though they do not mitigate the technical security concerns.

info

vague-description

Semantic Analysis Summary

LimitGuard presents moderate-to-high risk due to remote HTTP exposure without documented authentication, zero visible tools despite broad compliance/verification claims, and lack of clarity on sensitive data handling. While trust signals (repo, website) suggest legitimacy, the inability to audit actual capabilities and the sensitive nature of entity verification/sanctions screening warrant caution. Recommend verifying authentication mechanisms and requesting detailed tool/resource documentation before deployment.

Last scanned 53m ago

Details

Version: 1.0.1
Transport: streamable-http
Capabilities
Repository: JWconsultancy1234/limitguard-ai
Website: limitguard.ai