PromptFence

offline prompt-injection shield for MCP tools — no cloud, no API key

npx -y github:Isco0819/prompt-fence

Ever run into this?

Like Lakera Guard (raised $20M, real enterprise customers) and rebuff.ai (HN front page, GitHub stars), demand for prompt-injection defense is proven — but both require cloud API calls and paid plans. User-controlled strings flowing into MCP tool calls can silently redirect your agent, and there is zero offline, MCP-native guard layer for local dev or CI.

The fix

npx CLI + MCP server that scans any string against 50+ curated heuristics locally, returning a risk score and matched pattern with zero external API calls or signup required.

What it does

npx -y github:Isco0819/prompt-fence