Guard

Other AI Agents Integration

This guide covers integrating AIVory Guard with any AI coding assistant, whether it supports MCP (Model Context Protocol) or requires a custom API integration.

  • MCP Integration is the easiest method for compatible tools
  • REST API available for custom integrations
  • Python and JavaScript code examples included
  • 5 MCP tools available: scan, batch_scan, get_config, get_rules, health_check

Prerequisites

Before you begin:


Integration Options

AIVory Guard supports three integration methods. Choose based on your tool’s capabilities:

MCP Integration
Recommended for tools supporting Model Context Protocol. Easiest setup with full feature access.
Direct API
Use AIVory’s REST API directly when MCP isn’t available. Full control over requests.
Custom Wrapper
Build a tailored integration layer for your specific tool or workflow.

MCP Integration

What is MCP?

The Model Context Protocol (MCP) is a standardized protocol for AI agents to communicate with external tools and services. Learn more at modelcontextprotocol.io.

Note MCP integration is the recommended approach - it provides the best experience with automatic tool discovery and standardized communication.

Supported Tools

AIVory Guard’s MCP server works with any MCP-compatible client:

Continue.dev
VS Code AI extension with MCP support
Cody
Sourcegraph’s AI coding assistant
Custom MCP Clients
Any tool implementing the MCP protocol

Generic MCP Configuration

Most MCP clients use a JSON configuration file. The exact location varies by tool, but the format is standard:

{
  "mcpServers": {
    "aivory": {
      "command": "npx",
      "args": ["@aivorynet/guard"],
      "env": {
        "AIVORY_API_KEY": "your_api_key_here"
      }
    }
  }
}

Common Configuration Locations

Tool Config File Location
Claude Code ~/.config/claude/mcp.json
Cursor .cursor/mcp.json (project root)
Continue.dev .continue/config.json
Custom Tool-specific (check docs)
Using npx vs Global Install

With npx (recommended):

{
  "mcpServers": {
    "aivory": {
      "command": "npx",
      "args": ["@aivorynet/guard"],
      "env": {
        "AIVORY_API_KEY": "your_key"
      }
    }
  }
}

With global install:

{
  "mcpServers": {
    "aivory": {
      "command": "aivory-guard",
      "args": [],
      "env": {
        "AIVORY_API_KEY": "your_key"
      }
    }
  }
}
Environment Variables

Customize behavior with environment variables:

{
  "mcpServers": {
    "aivory": {
      "command": "npx",
      "args": ["@aivorynet/guard"],
      "env": {
        "AIVORY_API_KEY": "your_key",
        "AIVORY_SERVER_URL": "https://app.aivory.net",
        "AIVORY_TIMEOUT": "30000"
      }
    }
  }
}

Direct API Integration

If your tool doesn’t support MCP, integrate with AIVory’s REST API.

API Endpoints

Base URL: https://app.aivory.net

Endpoints:
- POST /api/scan          - Scan code for violations
- POST /api/batch-scan    - Batch scan multiple files
- GET  /api/config        - Get compliance configuration
- GET  /api/rules         - List compliance rules
- GET  /api/health        - Health check

Authentication

All requests require Bearer token authentication:

Authorization: Bearer your_aivory_api_key
Note API keys start with aiv_ prefix. Generate new tokens at app.aivory.net/tokens.
Python Example
import requests

AIVORY_BASE_URL = "https://app.aivory.net"
AIVORY_API_KEY = "your_aivory_api_key"

def scan_code(code, language, filename="main.py"):
    """Scan code using AIVory Guard API"""
    headers = {
        "Authorization": f"Bearer {AIVORY_API_KEY}",
        "Content-Type": "application/json"
    }

    payload = {
        "code": code,
        "language": language,
        "filename": filename,
        "standards": ["OWASP", "GDPR", "HIPAA", "SOC2"]
    }

    response = requests.post(
        f"{AIVORY_BASE_URL}/api/scan",
        headers=headers,
        json=payload,
        timeout=30
    )

    return response.json()

# Usage
result = scan_code(
    code="def login(user, pwd): return user == pwd",
    language="python"
)

print(f"Violations: {len(result.get('violations', []))}")
JavaScript Example
const AIVORY_BASE_URL = 'https://app.aivory.net';
const AIVORY_API_KEY = process.env.AIVORY_API_KEY;

async function scanCode(code, language, filename = 'main.js') {
  const response = await fetch(`${AIVORY_BASE_URL}/api/scan`, {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${AIVORY_API_KEY}`,
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      code,
      language,
      filename,
      standards: ['OWASP', 'GDPR', 'PCI-DSS']
    })
  });

  return await response.json();
}

// Usage
const result = await scanCode(
  'function auth(u, p) { return u === p; }',
  'javascript'
);

console.log('Violations:', result.violations?.length || 0);

Custom Wrapper Integration

Build a custom integration for your specific tool:

Step 1: Define Interface
class AIVoryGuardWrapper:
    def __init__(self, api_key):
        self.api_key = api_key
        self.base_url = "https://app.aivory.net"

    def scan(self, code, language):
        """Main scanning method"""
        return self._call_api("/api/scan", {
            "code": code,
            "language": language
        })

    def batch_scan(self, files):
        """Batch scanning method"""
        return self._call_api("/api/batch-scan", {
            "files": files
        })

    def get_config(self):
        """Get compliance configuration"""
        return self._call_api("/api/config", method="GET")

    def _call_api(self, endpoint, data=None, method="POST"):
        import requests
        headers = {"Authorization": f"Bearer {self.api_key}"}

        if method == "GET":
            response = requests.get(
                f"{self.base_url}{endpoint}",
                headers=headers
            )
        else:
            headers["Content-Type"] = "application/json"
            response = requests.post(
                f"{self.base_url}{endpoint}",
                headers=headers,
                json=data
            )

        return response.json()
Step 2: Integrate with Your Tool
# Example: Integrate with custom AI tool
from your_ai_tool import YourAITool

ai_tool = YourAITool()
aivory = AIVoryGuardWrapper(api_key="your_key")

# Generate code with your AI tool
code = ai_tool.generate_code("Create a login function")

# Scan with AIVory
scan_result = aivory.scan(code, language="python")

# Present results
if scan_result.get("violations"):
    print("Violations found! Fixing...")
    fixed_code = ai_tool.fix_code(code, scan_result["violations"])
    print("Fixed code:", fixed_code)
else:
    print("Code is compliant!")

Specific Tool Examples

Continue.dev (VS Code Extension)

Edit .continue/config.json:

{
  "mcpServers": [
    {
      "name": "aivory",
      "command": "npx",
      "args": ["@aivorynet/guard"],
      "env": {
        "AIVORY_API_KEY": "your_key"
      }
    }
  ]
}
Custom Python Agent
class CustomAgent:
    def __init__(self):
        self.aivory = AIVoryGuardWrapper(api_key=os.getenv("AIVORY_API_KEY"))

    def generate_secure_code(self, prompt):
        # Your code generation logic
        code = self.generate(prompt)

        # Scan with AIVory
        result = self.aivory.scan(code, language="python")

        return {
            "code": code,
            "compliant": len(result.get("violations", [])) == 0,
            "scan_result": result
        }

Available MCP Tools

When using MCP integration, your agent gets access to these tools:

scan_code
Scan a single file for compliance violations. Input: code, language, filename, standards.
batch_scan
Scan multiple files efficiently. Returns aggregated compliance report.
get_config
Get current compliance configuration and list of enabled standards.
get_rules
List available compliance rules with optional standard filter.
health_check
Verify backend connectivity, service status, and latency.

Testing Your Integration

After configuring, test the integration:

# Test AIVory Guard directly
npx @aivorynet/guard test

# Expected output:
#  Configuration loaded
#  Server: https://app.aivory.net
#  Backend is healthy
#  Compliance scan completed
Note After testing the CLI, restart your AI tool to load the new configuration, then ask it to list available tools to verify AIVory Guard is recognized.

Troubleshooting

MCP Server Not Starting

Solutions:

  1. Verify JSON syntax in config file
  2. Check Node.js 18+ is installed
  3. Ensure npx is in PATH
  4. Check tool-specific logs
API Authentication Errors

Solutions:

  1. Verify API key starts with aiv_
  2. Generate new token at app.aivory.net/tokens
  3. Check for spaces in the API key value
  4. Ensure Bearer token format in API calls
Connection Timeouts

Solutions:

  1. Increase timeout in config (default: 30000ms)
  2. Check internet connectivity
  3. Verify firewall isn’t blocking app.aivory.net
  4. Try switching networks

Best Practices

Warning Never hardcode API keys in your code. Always use environment variables or secure secret management.
Environment Variables
Store API keys securely, never in code
Error Handling
Implement retries and graceful failures
Caching
Cache scan results for unchanged code
Async Operations
Use non-blocking API calls
Rate Limiting
Respect API rate limits
Logging
Log scan results for audit trails

Need Help?

Can’t find integration instructions for your specific tool?


Next Steps