An MCP server that quietly loads a senior engineer’s taste into your LLM. Principles, not policies. Guidance, not gatekeeping. One corpus — every language your team writes, every model you put in front of it.
One corpus. Every language your team writes. Every model you put in front of it. GUARD is the name for the idea; VibeGuard is the server that delivers it.
Vibe coding ships plausible–looking output. Passwords get hashed with SHA–256. Secrets are hardcoded in config files. Input validation is a regex someone guessed. It compiles. It passes the happy path. It fails audit.
public string Hash(string password)
{
using var sha = SHA256.Create();
var bytes = sha.ComputeHash(
Encoding.UTF8.GetBytes(password));
return Convert.ToHexString(bytes);
}public string Hash(string password)
{
return Argon2id.Hash(password, _params);
// memory-hard KDF, tuned to ~300ms
// salt embedded in the encoded string
// needsRehash detectable on verify
}The entire security toolchain — static analyzers, linters, scanners, code review bots — runs on code that already exists. They find the flaw, flag it, file a ticket, and hope someone context–switches back to fix it. The function is already merged. The pattern has already spread to three other files. The cost of the fix is a multiple of the cost of getting it right the first time.
Before the first token is generated. The LLM asks what good looks like, gets principles, reference code, and language–specific gotchas — then writes the function once, correctly.
The LLM writes the function. With the right context already loaded, the output reflects the principle — not the default.
Linters, scanners, review bots, security audits. All necessary. All too late to prevent the flaw — only to discover it.
VibeGuard is not a replacement for your security toolchain. It is the one tool that operates at the only moment where prevention is still possible — before generation.
VibeGuard exposes exactly two MCP tools. The model calls prep with an intent,
gets a ranked list of archetypes back, then pulls the full guidance with consult.
No mystery. No background magic.
prepGiven an intent and a language, returns a ranked list of archetype IDs with relevance scores. Cheap. Stateless. Safe to call often.
prep({
intent: "hashing user passwords in python",
language: "python"
})
// → [
// { id: "auth/password-hashing", score: 0.94 },
// { id: "secrets/config", score: 0.32 }
// ]consult
Fetch a single archetype. Most archetypes return principles composed with
a language–specific reference implementation, library choices, gotchas, and
tests to write. Language–agnostic archetypes (applies_to: [all])
return principles only — architectural guidance that applies regardless of stack.
// Language-specific archetype
consult({
archetype: "auth/password-hashing",
language: "python"
})
// → principles + reference impl + gotchas
// Language-agnostic archetype (same result for any language)
consult({
archetype: "architecture/secure-development-lifecycle",
language: "any"
})
// → principles only (SOLID, DRY, security-by-design)
VibeGuard boots the corpus into memory, searches it on every prep call,
and delivers full guidance on every consult. No network. No database.
No API keys. Everything runs in–process.
applies_to vs requested language[all]principles only — applies to every stackAn archetype is a folder of markdown files with a little YAML on top. One file for the language–agnostic principles, one per language for the reference implementation. Readable by humans. Reviewable on a pull request.
---
id: auth/password-hashing
status: stable
tags: [auth, passwords, kdf]
---
# Principles
- Never store plaintext. Never.
- Never use general–purpose hashes (MD5, SHA–1, SHA–256) for passwords.
- Use a memory–hard KDF: Argon2id (preferred), scrypt, or bcrypt.
- Tune parameters for the hardware you deploy on — target ~250–500ms per hash.
- Always include a per–password random salt. The KDF handles this for you.
- Rehash on verify when parameters have changed.
- Constant–time compare. Always.
- Never log the input or the hash.
## Why a KDF, not a hash?
Fast hashes are the point of a hash. Password storage wants the opposite —
something slow and expensive per–attempt, so that a leaked database is not
the same as a leaked password list.
## What VibeGuard will NOT tell you
- Which library is allowed in your org. That’s policy.
- The exact parameters for your hardware. Benchmark on the real box.
---
language: python
libraries: [argon2-cffi]
updated: 2026-03-14
---
# Library choice
Use argon2-cffi directly. It wraps the reference C implementation
and exposes PasswordHasher with sensible defaults.
## Reference implementation
from argon2 import PasswordHasher
from argon2.exceptions import VerifyMismatchError
ph = PasswordHasher(
time_cost=3,
memory_cost=64 * 1024, # 64 MiB
parallelism=4,
)
def hash_password(pw: str) -> str:
return ph.hash(pw)
def verify_password(pw: str, stored: str) -> bool:
try:
ph.verify(stored, pw)
except VerifyMismatchError:
return False
return True
## Gotchas
- VerifyMismatchError is the only non–exceptional miss — catch it narrowly.
- check_needs_rehash lets you re–tune parameters without a password reset.
## Tests to write
- hash → verify round–trip
- verify rejects the wrong password
- two hashes of the same password differ (salted)
- rehash fires after a parameter bump
---
language: csharp
libraries: [Konscious.Security.Cryptography.Argon2]
updated: 2026-03-14
---
# Library choice
Use Konscious.Security.Cryptography.Argon2 — the actively
maintained Argon2id in managed C#. Don’t use PasswordHasher<T>
from ASP.NET Identity for new code — it’s PBKDF2 under the hood.
## Reference implementation
using Konscious.Security.Cryptography;
using System.Security.Cryptography;
using System.Text;
public static class Passwords
{
public static (string Hash, byte[] Salt) Hash(string password)
{
var salt = RandomNumberGenerator.GetBytes(16);
using var argon2 = new Argon2id(Encoding.UTF8.GetBytes(password))
{
Salt = salt,
DegreeOfParallelism = 4,
MemorySize = 65536, // 64 MiB
Iterations = 3,
};
var hash = argon2.GetBytes(32);
return (Convert.ToBase64String(hash), salt);
}
}
## Gotchas
- Always UTF8.GetBytes the password, never Encoding.Default.
- Store the salt alongside the hash; 16 bytes is the minimum.
- using on Argon2id scrubs the managed buffer when done.
---
id: architecture/threat-modeling
status: stable
applies_to: [all]
---
# Principles
- Start with a data–flow diagram. Mark every trust boundary.
- Apply STRIDE to every element: Spoofing, Tampering, Repudiation,
Information disclosure, Denial of service, Elevation of privilege.
- Rank threats by risk (likelihood × impact), not by ease of fix.
- Every threat gets a disposition: mitigate, accept, transfer, or eliminate.
- Mitigations map to specific controls, not hand–waving.
- Minimize attack surface — the most effective mitigation is removal.
- Review the model in code review. New data flow? Update the model.
- Assume breach — model what happens after a component is compromised.
## Why before code?
Security controls applied by intuition cluster around what the developer
thought of and leave blind spots everywhere else. A threat model is the
systematic alternative — it finds the threats you would not have
guessed by walking the architecture before the code exists.
## What VibeGuard will NOT tell you
- Your specific threat actors. That’s your threat intelligence.
- Your risk appetite. That’s a business decision.
89 stable archetypes across 11 categories — 198 language files spanning 11 languages. Most include language–specific reference implementations for C#, Python, Go, Java, JavaScript, TypeScript, Ruby, PHP, Kotlin, Rust, and C. Language–agnostic archetypes deliver architectural principles that apply to every stack.
Password hashing, session tokens, MFA, OAuth/OIDC, JWT handling, password reset, rate limiting, API auth, and authorization.
Symmetric and asymmetric encryption, hashing and data integrity, random number generation, TLS configuration, and key management.
XSS, CSRF, CORS, security headers, SSRF, content security policy, and HTTP request smuggling defense.
Input validation, path traversal, deserialization, command injection, file uploads, email/XML injection, and regex DoS defense.
SQL and NoSQL injection, ORM security, secrets handling, database connections, and dependency management.
Buffer overflow defense and use–after–free prevention for languages without garbage collection.
Keeping sensitive data out of logs, log injection defense, and tamper–evident security audit trails.
Structuring error paths so failures are observable, actionable, and safe. Language–specific patterns for C# and Go.
Race conditions, deadlock prevention, and resource exhaustion defense through proper synchronization and bounded concurrency.
SDL, threat modeling, defense in depth, CI/CD security, data classification, incident response, resilience, zero trust, least privilege, container and microservice security, privacy by design, and more. Language–agnostic.
Project bootstrapping, walking skeletons, YAGNI, module decomposition, layered architecture, interface–first design, naming, DRY, API evolution, data migrations, refactoring, testing strategy, CI, observability, deployment, error handling, performance, configuration, concurrency model, data modeling, dependency discipline, code review, incident response, build & packaging, local dev ergonomics, commit hygiene, documentation, a11y/i18n, and cost awareness. Language–agnostic.
Self–contained single–file binaries for six platforms. No SDK. No runtime. Drop it on disk and point your MCP client at it.
curl -L https://github.com/ehabhussein/VibeGuard/releases/latest/download/vibeguard-mcp-v0.8.0-osx-arm64.tar.gz \
| tar -xz
./vibeguard-mcp-v0.8.0-osx-arm64/vibeguard-mcp --versioncurl -L https://github.com/ehabhussein/VibeGuard/releases/latest/download/vibeguard-mcp-v0.8.0-osx-x64.tar.gz \
| tar -xz
./vibeguard-mcp-v0.8.0-osx-x64/vibeguard-mcp --versioncurl -L https://github.com/ehabhussein/VibeGuard/releases/latest/download/vibeguard-mcp-v0.8.0-linux-x64.tar.gz \
| tar -xz
./vibeguard-mcp-v0.8.0-linux-x64/vibeguard-mcp --versioncurl -L https://github.com/ehabhussein/VibeGuard/releases/latest/download/vibeguard-mcp-v0.8.0-linux-arm64.tar.gz \
| tar -xz
./vibeguard-mcp-v0.8.0-linux-arm64/vibeguard-mcp --versionInvoke-WebRequest `
-Uri https://github.com/ehabhussein/VibeGuard/releases/latest/download/vibeguard-mcp-v0.8.0-win-x64.zip `
-OutFile vibeguard.zip
Expand-Archive .\vibeguard.zip -DestinationPath .
.\vibeguard-mcp-v0.8.0-win-x64\vibeguard-mcp.exe --versionInvoke-WebRequest `
-Uri https://github.com/ehabhussein/VibeGuard/releases/latest/download/vibeguard-mcp-v0.8.0-win-arm64.zip `
-OutFile vibeguard.zip
Expand-Archive .\vibeguard.zip -DestinationPath .
.\vibeguard-mcp-v0.8.0-win-arm64\vibeguard-mcp.exe --versionDefault mode — one process per client. Best for individual developers.
// ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"vibeguard": {
"command": "/absolute/path/to/vibeguard-mcp"
}
}
}claude mcp add vibeguard /absolute/path/to/vibeguard-mcp// ~/.cursor/mcp.json
{
"mcpServers": {
"vibeguard": {
"command": "/absolute/path/to/vibeguard-mcp"
}
}
}
For teams and CI — start VibeGuard once with VIBEGUARD_TRANSPORT=http,
then point every client at the same instance.
// claude_desktop_config.json
{
"mcpServers": {
"vibeguard": {
"type": "http",
"url": "http://your-server:3001/"
}
}
}// .mcp.json in your project root
{
"mcpServers": {
"vibeguard": {
"type": "http",
"url": "http://your-server:3001/"
}
}
}# Start VibeGuard in HTTP mode (port 3001 by default)
VIBEGUARD_TRANSPORT=http ./vibeguard-mcp
# Or with a custom port
VIBEGUARD_TRANSPORT=http VIBEGUARD_HTTP_PORT=8080 ./vibeguard-mcpThe engineers behind the corpus.
