AI agent governance, security tooling, and mechanical enforcement.

rigscore v0.1.0

  • #rigscore
  • #security
  • #ai
  • #devtools
  • #mcp
  • #open-source

Why this exists

AI coding tools ship fast and configure loose. Claude Code, Cursor, Windsurf — they all read your filesystem, execute commands, and call APIs. Most developers set them up once and never look at the configuration again.

rigscore checks the things that matter and gives you a number. Run it, see the score, fix what’s broken.


What v0.1.0 checks

6 checks, each contributing to a score out of 100:

  • MCP server configuration — transport type, wildcard env passthrough, filesystem scope
  • CLAUDE.md governance — governance file existence, forbidden actions, approval gates
  • Secret exposure.env in .gitignore, API key patterns in configs, file permissions
  • Docker security — socket mounts, privileged mode, host paths, missing user/cap_drop, host network mode
  • Git hooks — pre-commit hooks, push URL guards
  • Skill file safety — injection patterns, shell execution, external URLs

How it works

1npx rigscore

Scans the current directory, evaluates each check, prints a score. JSON output available for CI integration with --json.

Every check runs locally. Nothing leaves your machine.


github.com/Back-Road-Creative/rigscore

Try it → GitHub → All releases →
← Back to Releases