RepoRadar
Leave a Tip
Item detail
github.com

Fu351/Doberman-Core

Fu351/Doberman-Core is a apache-2.0 ai agent security fra in RepoRadar's Fu351/Doberman-Core is the Apache-2.0 Doberman A section, holding Silver tier and a 'try now' verdict. Its strongest signal is practical usefulness, scored 9.0 out of 10.

Open source Back to radar
Score7.9
Popularity59.0
Riskconditional
TierSilver
Score breakdown
Usefulness9.0
Novelty9.0
Momentum7.0
Maturity7.0
Open-source/build8.4
Evidence8.0
Workflow potential9.0
Setup ease6.4

Popularity is tracked separately. Support, ads, sponsorships, and tips never affect these signals.

Why it matters

Useful for **AI agent platform engineers running Claude Code / Cursor / Codex / Copilot agents on shared infrastructure** — Doberman is the on-the-execution-path MCP proxy that intercepts every tool call and returns PASS/AUTH/BLOCK before anything runs, with fail-closed-by-default semantics. Useful for **security-conscious teams running agent workloads in production** — the SHA-256-traceable audit

Who should use it

**AI agent platform engineers running Claude Code / Cursor / Codex / Copilot agents on shared infrastructure** — Doberman is the on-the-execution-path MCP proxy that intercepts every tool call and returns PASS/AUTH/BLOCK before anything runs, with fail-closed-by-default semantics**Security-conscious teams running agent workloads in production** — the SHA-256-traceable audit log, the mode dial (Light/Balanced/Strict/Paranoid), and the tiered-auth (confirm → TOTP → scoped elevation) give fine-grained governance without forcing every team to write their own policy DSL**AI agent safety researchers studying tool-use authorization** — Doberman is the open-source AI-agent security framework with PASS/AUTH/BLOCK verdicts, raise-only learning (guardrails can tighten, never silently loosen), and a suite-agnostic benchmark harness that reports ASR + FPR + asr_strict on labeled tool-call actions**Regulated / compliance teams** — every tool call has an auditable reason code, every secret-detection rule is documented, every destructive-op pattern is hard-blocked in every mode**Teams evaluating MCP-server security** — Doberman sits in front of any MCP server over stdio or HTTP and re-exposes its tools through the proxy, with descriptor pinning + drift detection for tool-schema changes**Researchers measuring AI agent guardrail effectiveness** — the suite-agnostic benchmark harness reports ASR / FPR / asr_strict, holds counts / verdicts / reason codes only (never payload text), and supports both builtins_only and with_plugins profiles so researchers can isolate the core's contribution from plugin uplift**Apache-2.0 commercial security pipelines** — no per-file carve-outs, no SaaS-embedding caveat, no commercial-use threshold; the core is genuinely standalone (no proprietary dependency, CI-enforced)Evaluation: `npx -y @modelcontextprotocol/inspector doberman serve -- npx -y @modelcontextprotocol/server-filesystem ~/my-project` for the interactive MCP Inspector demo, or run the in-repo integration test `pytest tests/integration/test_serve_end_to_end.py -q` to spawn `doberman serve` as a real subprocess fronting a real stdio tool server, then run `python -m tests.benchmarks.run --suite synthetic --profile both` for the benchmark harness. Note the conditional risk_flag: the project is alpha status (per the README's status badge), so treat as `try_now conditional` rather than `try_now` — fine for early evaluation in non-production environments, wait for the project to reach beta before deploying to production agent fleets

Who should skip it

Skip Fu351/Doberman-Core if the source repository or demo is inactive, unmaintained, or no longer matches the description shown here.

About this signal

Fu351/Doberman-Core is tracked by RepoRadar as a apache-2.0 ai agent security fra in the Fu351/Doberman-Core is the Apache-2.0 Doberman A section. It was first seen on 2026-06-26 and last updated on 2026-06-26. The current verdict is 'try now' with a Silver tier and moderate setup difficulty. The standout signals for Fu351/Doberman-Core are practical usefulness (9.0) and novelty (9.0), while setup ease (6.4) trails — that balance shapes where it fits best. This page summarizes the evidence RepoRadar has captured from captured source metadata. The score, tier, risk label, and verdict on this page are never influenced by sponsorship, ads, or tips — they reflect only the usefulness, popularity, novelty, momentum, maturity, and evidence signals described in the RepoRadar methodology.

How this item is evaluated

RepoRadar assigned Fu351/Doberman-Core a composite score of 7.9 out of 10, placing it in the Silver tier. This score combines weighted sub-signals: usefulness (35%), novelty (18%), momentum (14%), maturity (10%), open-source/build quality (7%), evidence quality (6%), workflow potential (6%), and setup ease (4%). Popularity is tracked separately at 59.0 and never affects the composite score or tier. The risk label of 'conditional' reflects inherent user-impacting hazards, not generic novelty. Items with no risk flag may still require normal code review before production use.

Putting this into practice? Read How to vet an AI agent or MCP server before you wire it in for the checklist behind this score.

Risk explanation

alpha status (per README's status badge); so treat as `try_now conditional` rather than `try_now` — fine for early evaluation in non-production environments; wait for the project to reach beta before deploying to production agent fleets; Doberman sits on the tool-execution path so the agent's tool calls are visible to it (review the audit log retention policy and the tiered-auth TOTP storage before deploying).

Evidence links

Closest alternatives / related signals

  • No close related item is available in the current public catalog.
dobermandoberman-corefu351ai-agent-securityagent-securitymcp-proxymcp-firewallpass-auth-block