Open-source security tooling for AI/LLM defense, detection engineering, threat intelligence, and OSINT. Zero-dependency Python where it makes sense; MIT licensed across the ecosystem.
Snapshot: 4 OK | 0 DRIFT
| Package | PyPI | GH Release | Status | CodeQL alerts | Coverage | Glama | Downloads (30d) | Stars | Forks | Last release | Last commit |
|---|---|---|---|---|---|---|---|---|---|---|---|
| wrg-mcp-serverMITPyPIGitHubMCP Registry WRG MCP server - exposes WinstonRedGuard tools (governance + research + pulse + breach + ransom + threat-intel + OSINT) to Claude Code and AI agents | 1.0.8 | 1.0.8 | OK | 0 | 95% | - | 657 | 1 | 0 | 4 days ago | 2 days ago |
| wrg-rule-labMITPyPIGitHub Deterministic rule evaluation engine — local-first Python library, JSON DSL, batch + diff + simulate | 0.1.6 | 0.1.6 | OK | 0 | 92% | - | 385 | 0 | 0 | 9 days ago | 2 days ago |
| wrg-devguardMITPyPIGitHub Pluggable code-security scanner: secrets, credentials, crypto policy. CLI + GitHub Action. | 0.2.3 | 0.2.3 | OK | 0 | 94% | - | 707 | 0 | 0 | 10 days ago | 2 days ago |
| devguard-scanMITGitHub 100% client-side secret scanner — a dependency-free, zero-upload browser port of the wrg-devguard scan engine. Paste code or drop files; nothing leaves your browser. | - | - | GH-ONLY | ? | n/a | - | ? | 0 | 0 | ? | yesterday |
| instinctMITPyPIGitHub Self-learning memory for AI coding agents — MCP server | 1.4.3 | 1.4.3 | OK | 0 | 84% | - | 372 | 2 | 3 | today | today |
| wrg-sigma-rulesMITGitHubGlamaAnthropic CC ⏳ 68 sigma detection rules — 0 benign false-positives across all 11 MITRE ATT&CK categories. Includes 3 MCP tools + 3 Claude Code skills. | - | 1.0.0 | GH-ONLY | 0 | n/a | A/A/B | ? | 0 | 0 | 7 days ago | today |
| arastirma-ussuMITGitHub Turkish AI research assistant (Ollama + Qdrant + FAISS + MCP server + memory). 8 security fixes shipped: 3 critical (cache race conditions) + 5 high-severity (error-handling + prompt-injection defense). Coverage 72%. | - | - | GH-ONLY | 0 | 72% | - | ? | 0 | 0 | ? | 3 days ago |
| osint-trust-envelopeMITGitHub Per-source epistemic ceilings for OSINT results: wrap any lookup in an honest trust envelope (verified / inferred / heuristic / unverified). Zero-dependency Python. Phone is never 'verified' (number portability); email is never 'verified' (MX != mailbox); a pipeline inherits its weakest link. | - | - | GH-ONLY | ? | n/a | - | ? | 0 | 0 | ? | today |
| TOTAL — 8 packages (4 on PyPI, 4 GitHub-only) | - | - | - | 0 / 6 scanned | - | - | 2,121 | 3 | 3 | - | - |
No packages match your filter.
wrg-sigma-rules is a sigma detection plugin (runtime TTP focus), submitted to the Anthropic Claude Code marketplace and live on Glama + awesome-mcp-servers. wrg-mcp-server is live on the MCP Registry (v1.0.8). Across both packages the WRG MCP ecosystem covers 3 of 5 target distribution channels; Docker MCP Catalog PR #3836 open; Anthropic CC listing pending. Verified 2026-06-02.
| Package | Anthropic CC | Glama | awesome-mcp-servers | MCP Registry | Docker MCP Catalog |
|---|---|---|---|---|---|
| wrg-sigma-rules | ⏳ submitted | ✅ A/A/B | ✅ merged | — | — |
| wrg-mcp-server | — | — | — | ✅ v1.0.8 | ⏳ PR #3836 OPEN |
| instinct | PyPI + GitHub only | ||||
| arastirma-ussu | GitHub only (MCP server; marketplaces not yet targeted) | ||||
| wrg-rule-lab | PyPI + GitHub only (Python library) | ||||
| wrg-devguard | PyPI + GitHub only (CLI + GitHub Action) | ||||
AI threat research newsletter — bot-detection, sigma methodology, LLM security disclosures. Written from the WRG-11 field research stack.
Subscribe ↗No tracking · free · ~weekly
Fleet-methodology war stories from the build:
Multi-agent engineering · Fleet methodology