[![en](https://img.shields.io/badge/lang-en-blue.svg?style=for-the-badge)](README.md) [![ko](https://img.shields.io/badge/lang-ko-green.svg?style=for-the-badge)](README-ko.md) # AIM Guard MCP [![Trust Score](https://archestra.ai/mcp-catalog/api/badge/quality/AIM-Intelligence/AIM-MCP)](https://archestra.ai/mcp-catalog/AIM-Intelligence__AIM-MCP) [![smithery badge](https://smithery.ai/badge/@AIM-Intelligence/aim-mcp)](https://smithery.ai/server/@AIM-Intelligence/aim-mcp) [![NPM Version](https://img.shields.io/npm/v/aim-guard-mcp)](https://www.npmjs.com/package/aim-guard-mcp) [![Smithery Server](https://img.shields.io/badge/Smithery-MCP%20Server-red)](https://smithery.ai/server/@AIM-Intelligence/aim-mcp) ๐Ÿ›ก๏ธ **AIM MCP Server :: MCP ๋ฐ AI ์—์ด์ „ํŠธ๋ฅผ ๋ณดํ˜ธํ•˜๊ณ  ๋ฐฉ์–ดํ•˜์„ธ์š”** AI ๊ธฐ๋ฐ˜ ๋ณด์•ˆ ๋ถ„์„ ๋ฐ ์•ˆ์ „ ์ง€์‹œ ๋„๊ตฌ๋ฅผ ์ œ๊ณตํ•˜๋Š” Model Context Protocol (MCP) ์„œ๋ฒ„์ž…๋‹ˆ๋‹ค. ์ด ์„œ๋ฒ„๋Š” ๋‹ค์–‘ํ•œ MCP ๋ฐ ์™ธ๋ถ€ ์„œ๋น„์Šค์™€ ์ƒํ˜ธ ์ž‘์šฉํ•  ๋•Œ ๋ณด์•ˆ ์ง€์นจ, ์ฝ˜ํ…์ธ  ๋ถ„์„ ๋ฐ ์ฃผ์˜ ์‚ฌํ•ญ์„ ์ œ๊ณตํ•˜์—ฌ AI ์—์ด์ „ํŠธ๋ฅผ ๋ณดํ˜ธํ•˜๋Š” ๋ฐ ๋„์›€์„ ์ค๋‹ˆ๋‹ค. AIM-Guard-MCP MCP server ## ๊ธฐ๋Šฅ ### ๐Ÿ”ง ๋„๊ตฌ (์ด 6๊ฐœ) - ๐Ÿ›ก๏ธ **AI ์•ˆ์ „ ๊ฐ€๋“œ**: MCP ์ƒํ˜ธ ์ž‘์šฉ์„ ์œ„ํ•œ ๋งฅ๋ฝ์  ๋ณด์•ˆ ์ง€์นจ - ๐Ÿ” **ํ…์ŠคํŠธ ๊ฐ€๋“œ ๋ถ„์„**: AIM Intelligence API๋ฅผ ์‚ฌ์šฉํ•œ ์œ ํ•ด ์ฝ˜ํ…์ธ  ๊ฐ์ง€ - ๐Ÿ”’ **๋ณด์•ˆ ํ”„๋กฌํ”„ํŠธ ๊ฐ•ํ™”**: ์‚ฌ์šฉ์ž ํ”„๋กฌํ”„ํŠธ์— ๋ณด์•ˆ ๋ ˆ์ด์–ด ์ถ”๊ฐ€ - ๐Ÿšจ **ํ”„๋กฌํ”„ํŠธ ์ธ์ ์…˜ ํƒ์ง€๊ธฐ**: OWASP LLM01:2025 ์ค€์ˆ˜ ์ธ์ ์…˜ ํƒ์ง€ - ๐Ÿ” **์ž๊ฒฉ ์ฆ๋ช… ์Šค์บ๋„ˆ**: ๋…ธ์ถœ๋œ API ํ‚ค, ๋น„๋ฐ€๋ฒˆํ˜ธ, ํ† ํฐ ๋ฐ ์‹œํฌ๋ฆฟ ๊ฒ€์ƒ‰ - ๐ŸŒ **URL ๋ณด์•ˆ ๊ฒ€์ฆ๊ธฐ**: ํ”ผ์‹ฑ, ์•…์„ฑ์ฝ”๋“œ ๋ฐ HTTPS ์ ์šฉ์— ๋Œ€ํ•œ URL ๊ฒ€์ฆ ### ๐Ÿ“š ๋ฆฌ์†Œ์Šค (์ด 9๊ฐœ) - ๐Ÿ“‹ **๋ณด์•ˆ ์ฒดํฌ๋ฆฌ์ŠคํŠธ**: MCP๋ณ„ ๋ณด์•ˆ ์ฒดํฌ๋ฆฌ์ŠคํŠธ (๋ฐ์ดํ„ฐ๋ฒ ์ด์Šค, ์ด๋ฉ”์ผ, ์Šฌ๋ž™, ํŒŒ์ผ, ์›น, ์ผ๋ฐ˜) - ๐Ÿ“– **๋ณด์•ˆ ์ •์ฑ…**: ํฌ๊ด„์ ์ธ ์ •์ฑ… (๋ฐ์ดํ„ฐ ๋ถ„๋ฅ˜, ์ ‘๊ทผ ์ œ์–ด, ์‚ฌ๊ณ  ๋Œ€์‘) ### ๐Ÿ’ฌ ํ”„๋กฌํ”„ํŠธ (์ด 2๊ฐœ) - ๐Ÿ” **๋ณด์•ˆ ๊ฒ€ํ† **: ๋‹ค๋‹จ๊ณ„ ๋ณด์•ˆ ๊ฒ€ํ†  ์›Œํฌํ”Œ๋กœ์šฐ - โš ๏ธ **์œ„ํ˜‘ ๋ถ„์„**: STRIDE ๊ธฐ๋ฐ˜ ์œ„ํ˜‘ ๋ชจ๋ธ๋ง ๋ฐ ์œ„ํ—˜ ํ‰๊ฐ€ ### ๐ŸŽฏ ์ผ๋ฐ˜ - โšก **๋น ๋ฅด๊ณ  ๊ฐ€๋ฒผ์›€**: TypeScript์™€ Zod ๊ฒ€์ฆ์œผ๋กœ ๊ตฌ์ถ• - ๐Ÿ”ง **์‰ฌ์šด ํ†ตํ•ฉ**: ๋ชจ๋“  MCP ํ˜ธํ™˜ AI ์–ด์‹œ์Šคํ„ดํŠธ์™€ ์ž‘๋™ - ๐Ÿ”— **API ํ†ตํ•ฉ**: ๊ณ ๊ธ‰ ๋ถ„์„์„ ์œ„ํ•œ AIM Intelligence API ์—ฐ๊ฒฐ - ๐Ÿ“š **ํฌ๊ด„์ ์ธ ๋ฌธ์„œ**: ๋„๊ตฌ, ๋ฆฌ์†Œ์Šค ๋ฐ ํ”„๋กฌํ”„ํŠธ์— ๋Œ€ํ•œ ์ƒ์„ธํ•œ ๊ฐ€์ด๋“œ ## ์„ค์น˜ ### Smithery๋ฅผ ํ†ตํ•œ ์„ค์น˜ [Smithery](https://smithery.ai/server/@AIM-Intelligence/aim-mcp)๋ฅผ ํ†ตํ•ด Claude Desktop์— aim-mcp๋ฅผ ์ž๋™์œผ๋กœ ์„ค์น˜ํ•˜๋ ค๋ฉด: ```bash npx -y @smithery/cli install @AIM-Intelligence/aim-mcp --client claude ``` ### NPX (๊ถŒ์žฅ) ```bash npx aim-guard-mcp ``` ### ์ „์—ญ ์„ค์น˜ ```bash npm install -g aim-guard-mcp aim-guard-mcp ``` ### ๋กœ์ปฌ ์„ค์น˜ ```bash npm install aim-guard-mcp ``` ## ์‚ฌ์šฉ๋ฒ• ### MCP ์„œ๋ฒ„๋กœ ์‚ฌ์šฉ MCP ํด๋ผ์ด์–ธํŠธ ์„ค์ •์— ์ถ”๊ฐ€: ```json { "servers": { "aim-guard": { "type": "stdio", "command": "npx", "args": ["aim-guard-mcp"] } } } ``` ### ๋„๊ตฌ ํ…Œ์ŠคํŠธ #### AI ์•ˆ์ „ ๊ฐ€๋“œ ํ…Œ์ŠคํŠธ ```bash # ๋ฐ์ดํ„ฐ๋ฒ ์ด์Šค ์ž‘์—…์— ๋Œ€ํ•œ ์•ˆ์ „ ์ง€์นจ ๊ฐ€์ ธ์˜ค๊ธฐ { "name": "ai-safety-guard", "arguments": { "mcp_type": "database", "operation_type": "query", "sensitivity_level": "confidential" } } ``` #### ํ…์ŠคํŠธ ๊ฐ€๋“œ ํ…Œ์ŠคํŠธ ```bash # ํ…์ŠคํŠธ์˜ ์œ ํ•ด ์ฝ˜ํ…์ธ  ๋ถ„์„ { "name": "aim-text-guard", "arguments": { "text": "์•ˆ์ „์„ฑ์„ ๋ถ„์„ํ•  ์ƒ˜ํ”Œ ํ…์ŠคํŠธ์ž…๋‹ˆ๋‹ค." } } ``` #### ๋ณด์•ˆ ํ”„๋กฌํ”„ํŠธ ๊ฐ•ํ™” ํ…Œ์ŠคํŠธ ```bash # ๋ณด์•ˆ ์ง€์นจ์œผ๋กœ ์‚ฌ์šฉ์ž ํ”„๋กฌํ”„ํŠธ ๊ฐ•ํ™” { "name": "aim-security-prompt-tool", "arguments": { "user_prompt": "์ด ์ž‘์—…์„ ๋„์™€์ฃผ์„ธ์š”", "security_level": "strict" } } ``` ### ์‚ฌ์šฉ ๊ฐ€๋Šฅํ•œ ๋„๊ตฌ #### 1. `ai-safety-guard` AI ์—์ด์ „ํŠธ๊ฐ€ ๋‹ค๋ฅธ MCP์™€ ์ƒํ˜ธ ์ž‘์šฉํ•˜๊ธฐ ์ „์— ๋งฅ๋ฝ์  ๋ณด์•ˆ ์ง€์นจ ๋ฐ ์ฃผ์˜ ์‚ฌํ•ญ์„ ์ œ๊ณตํ•ฉ๋‹ˆ๋‹ค. ```json { "name": "ai-safety-guard", "arguments": { "mcp_type": "email|slack|database|file|web|general", "operation_type": "read|write|execute|delete|send|query", "sensitivity_level": "public|internal|confidential|restricted" } } ``` **๊ธฐ๋Šฅ**: ์ปจํ…์ŠคํŠธ ์ธ์‹ ๊ฐ€์ด๋“œ๋ผ์ธ, ์ž‘์—…๋ณ„ ๊ฒฝ๊ณ , ์œ„ํ—˜ ์‹ ํ˜ธ ๊ฐ์ง€ #### 2. `aim-text-guard` AIM Intelligence API๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ์œ ํ•ดํ•˜๊ฑฐ๋‚˜ ๋ถ€์ ์ ˆํ•œ ์ฝ˜ํ…์ธ ์— ๋Œ€ํ•œ ํ…์ŠคํŠธ ์ฝ˜ํ…์ธ ๋ฅผ ๋ถ„์„ํ•ฉ๋‹ˆ๋‹ค. ```json { "name": "aim-text-guard", "arguments": { "text": "๋ถ„์„ํ•  ํ…์ŠคํŠธ ์ฝ˜ํ…์ธ " } } ``` **๊ธฐ๋Šฅ**: ์‹ค์‹œ๊ฐ„ ๋ถ„์„, ์œ ํ•ด ์ฝ˜ํ…์ธ  ๊ฐ์ง€, ์ƒ์„ธํ•œ JSON ๊ฒฐ๊ณผ #### 3. `aim-security-prompt-tool` ๋” ์•ˆ์ „ํ•œ AI ์ƒํ˜ธ ์ž‘์šฉ์„ ์œ„ํ•ด ์‚ฌ์šฉ์ž ํ”„๋กฌํ”„ํŠธ๋ฅผ ๋ณด์•ˆ ์ง€์นจ์œผ๋กœ ๊ฐ•ํ™”ํ•ฉ๋‹ˆ๋‹ค. ```json { "name": "aim-security-prompt-tool", "arguments": { "user_prompt": "์›๋ณธ ์‚ฌ์šฉ์ž ํ”„๋กฌํ”„ํŠธ", "security_level": "basic|standard|strict" } } ``` **๊ธฐ๋Šฅ**: ๋‹ค๋‹จ๊ณ„ ๊ฐ•ํ™”, ์œ„ํ˜‘ ๋ถ„์„, ์†Œ์…œ ์—”์ง€๋‹ˆ์–ด๋ง ๋ณดํ˜ธ #### 4. `prompt-injection-detector` ๐Ÿ†• OWASP LLM01:2025 ํŒจํ„ด์„ ๊ธฐ๋ฐ˜์œผ๋กœ ํ”„๋กฌํ”„ํŠธ ์ธ์ ์…˜ ์‹œ๋„๋ฅผ ๊ฐ์ง€ํ•ฉ๋‹ˆ๋‹ค. ```json { "name": "prompt-injection-detector", "arguments": { "text": "์ธ์ ์…˜ ํŒจํ„ด์„ ๋ถ„์„ํ•  ํ…์ŠคํŠธ", "sensitivity": "low|medium|high" } } ``` **๊ธฐ๋Šฅ**: - 15๊ฐœ ์ด์ƒ์˜ ์ธ์ ์…˜ ํŒจํ„ด ๊ฐ์ง€ (์ง€์‹œ ๋ฎ์–ด์“ฐ๊ธฐ, ์—ญํ•  ์กฐ์ž‘, ํƒˆ์˜ฅ ์‹œ๋„) - ์‹ฌ๊ฐ๋„ ํ‰๊ฐ€๋ฅผ ํ†ตํ•œ ์œ„ํ—˜ ์ ์ˆ˜ (0-100) - OWASP LLM01:2025 ์ค€์ˆ˜ - ๊ตฌ์„ฑ ๊ฐ€๋Šฅํ•œ ๋ฏผ๊ฐ๋„ ์ˆ˜์ค€ - ์ƒ์„ธํ•œ ์œ„ํ˜‘ ๋ณด๊ณ  #### 5. `credential-scanner` ๐Ÿ†• API ํ‚ค, ๋น„๋ฐ€๋ฒˆํ˜ธ, ํ† ํฐ ๋ฐ SSH ํ‚ค๋ฅผ ํฌํ•จํ•œ ๋…ธ์ถœ๋œ ์ž๊ฒฉ ์ฆ๋ช…์— ๋Œ€ํ•œ ํ…์ŠคํŠธ ๊ฒ€์ƒ‰. ```json { "name": "credential-scanner", "arguments": { "text": "์ž๊ฒฉ ์ฆ๋ช…์„ ๊ฒ€์ƒ‰ํ•  ํ…์ŠคํŠธ", "mask_findings": true } } ``` **๊ธฐ๋Šฅ**: - 50๊ฐœ ์ด์ƒ์˜ ์ž๊ฒฉ ์ฆ๋ช… ํŒจํ„ด (AWS, GitHub, Google, OpenAI, Stripe, JWT, SSH ํ‚ค) - ์ž๋™ ์ž๊ฒฉ ์ฆ๋ช… ๋งˆ์Šคํ‚น - ์œ„ํ—˜ ์ˆ˜์ค€ ํ‰๊ฐ€ - ํ”Œ๋žซํผ๋ณ„ ๊ฐ์ง€ (AWS, GitHub, Slack, ๋ฐ์ดํ„ฐ๋ฒ ์ด์Šค) - ์‹คํ–‰ ๊ฐ€๋Šฅํ•œ ๋ณด์•ˆ ๊ถŒ์žฅ ์‚ฌํ•ญ #### 6. `url-security-validator` ๐Ÿ†• ํ”ผ์‹ฑ, ์•…์„ฑ์ฝ”๋“œ ๋ฐ ๋ณด์•ˆ ๋ฌธ์ œ์— ๋Œ€ํ•œ URL ์•ˆ์ „์„ฑ ๊ฒ€์ฆ. ```json { "name": "url-security-validator", "arguments": { "url": "๊ฒ€์ฆํ•  URL", "strict_mode": false } } ``` **๊ธฐ๋Šฅ**: - 10๊ฐœ ์ด์ƒ์˜ ๋ณด์•ˆ ๊ฒ€์‚ฌ (ํ”„๋กœํ† ์ฝœ, TLD, IP ์ฃผ์†Œ, ํ˜ธ๋ชจ๊ทธ๋ž˜ํ”„ ๊ณต๊ฒฉ) - ํ”ผ์‹ฑ ๋„๋ฉ”์ธ ๊ฐ์ง€ - URL ๋‹จ์ถ•๊ธฐ ์‹๋ณ„ - ์˜์‹ฌ์Šค๋Ÿฌ์šด ๋งค๊ฐœ๋ณ€์ˆ˜ ๊ฐ์ง€ - HTTPS ์ ์šฉ ๊ฒ€์ฆ ### ์‚ฌ์šฉ ๊ฐ€๋Šฅํ•œ ๋ฆฌ์†Œ์Šค ๐Ÿ†• ๋ฆฌ์†Œ์Šค๋Š” URI ์Šคํ‚ค๋งˆ๋ฅผ ํ†ตํ•ด ์ ‘๊ทผ ๊ฐ€๋Šฅํ•œ ์ฝ๊ธฐ ์ „์šฉ ๋ณด์•ˆ ๋ฌธ์„œ ๋ฐ ์ •์ฑ…์„ ์ œ๊ณตํ•ฉ๋‹ˆ๋‹ค. #### ๋ณด์•ˆ ์ฒดํฌ๋ฆฌ์ŠคํŠธ `security-checklist://[type]`๋ฅผ ํ†ตํ•ด ์ ‘๊ทผ - `security-checklist://database` - ๋ฐ์ดํ„ฐ๋ฒ ์ด์Šค ์ž‘์—… ์ฒดํฌ๋ฆฌ์ŠคํŠธ - `security-checklist://email` - ์ด๋ฉ”์ผ ์ž‘์—… ์ฒดํฌ๋ฆฌ์ŠคํŠธ - `security-checklist://slack` - ์ฑ„ํŒ…/๋ฉ”์‹œ์ง• ์ž‘์—… ์ฒดํฌ๋ฆฌ์ŠคํŠธ - `security-checklist://file` - ํŒŒ์ผ ์ž‘์—… ์ฒดํฌ๋ฆฌ์ŠคํŠธ - `security-checklist://web` - ์›น ์š”์ฒญ ์ฒดํฌ๋ฆฌ์ŠคํŠธ - `security-checklist://general` - ์ผ๋ฐ˜ MCP ์ž‘์—… ์ฒดํฌ๋ฆฌ์ŠคํŠธ **๊ฐ ์ฒดํฌ๋ฆฌ์ŠคํŠธ ํฌํ•จ ๋‚ด์šฉ**: - ์ž‘์—… ์ „ ํ™•์ธ ์‚ฌํ•ญ - ์ž‘์—… ์ค‘ ๊ฐ€์ด๋“œ๋ผ์ธ - ์ž‘์—… ํ›„ ๊ฒ€์ฆ - ์ž‘์—… ์ค‘๋‹จ์„ ์œ„ํ•œ ์œ„ํ—˜ ์‹ ํ˜ธ #### ๋ณด์•ˆ ์ •์ฑ… `security-policy://[type]`๋ฅผ ํ†ตํ•ด ์ ‘๊ทผ - `security-policy://data-classification` - ๋ฐ์ดํ„ฐ ๋ถ„๋ฅ˜ ์ˆ˜์ค€ ๋ฐ ์ฒ˜๋ฆฌ ์š”๊ตฌ ์‚ฌํ•ญ - `security-policy://access-control` - ์ ‘๊ทผ ์ œ์–ด ์›์น™ ๋ฐ ์ธ์ฆ ์š”๊ตฌ ์‚ฌํ•ญ - `security-policy://incident-response` - ์‚ฌ๊ณ  ๋Œ€์‘ ์ ˆ์ฐจ ๋ฐ ์‹ฌ๊ฐ๋„ ์ˆ˜์ค€ ### ์‚ฌ์šฉ ๊ฐ€๋Šฅํ•œ ํ”„๋กฌํ”„ํŠธ ๐Ÿ†• ํ”„๋กฌํ”„ํŠธ๋Š” ๋ณต์žกํ•œ ๋ณด์•ˆ ์ž‘์—…์„ ์œ„ํ•œ ์žฌ์‚ฌ์šฉ ๊ฐ€๋Šฅํ•œ ์›Œํฌํ”Œ๋กœ์šฐ ํ…œํ”Œ๋ฆฟ์„ ์ œ๊ณตํ•ฉ๋‹ˆ๋‹ค. #### 1. `security-review` ์ฝ”๋“œ, ๋ฐ์ดํ„ฐ ๋˜๋Š” ๊ตฌ์„ฑ์— ๋Œ€ํ•œ ํฌ๊ด„์ ์ธ ๋ณด์•ˆ ๊ฒ€ํ†  ์›Œํฌํ”Œ๋กœ์šฐ. ```json { "name": "security-review", "arguments": { "target_type": "code|data|configuration", "context": "์ถ”๊ฐ€ ์ปจํ…์ŠคํŠธ (์„ ํƒ ์‚ฌํ•ญ)" } } ``` **์›Œํฌํ”Œ๋กœ์šฐ**: 1. ์ž๊ฒฉ ์ฆ๋ช… ์Šค์บ” 2. ํ”„๋กฌํ”„ํŠธ ์ธ์ ์…˜ ๊ฐ์ง€ (ํ•ด๋‹นํ•˜๋Š” ๊ฒฝ์šฐ) 3. ๋ณด์•ˆ ์ฒดํฌ๋ฆฌ์ŠคํŠธ ์ฐธ์กฐ 4. ์ •์ฑ… ์ค€์ˆ˜ ๊ฒ€ํ†  5. ์œ„ํ˜‘ ๋ถ„์„ 6. ์œ„ํ—˜ ํ‰๊ฐ€ ๋ฐ ๊ถŒ์žฅ ์‚ฌํ•ญ 7. **์š”์•ฝ ํ…Œ์ด๋ธ”** - ์‹ฌ๊ฐ๋„๋ณ„ ๋ชจ๋“  ๊ฒฐ๊ณผ์˜ ์‹œ๊ฐ์  ๊ฐœ์š” **์š”์•ฝ ์ถœ๋ ฅ ์˜ˆ์‹œ**: ``` ๐Ÿ“Š ์š”์•ฝ | ์‹ฌ๊ฐ๋„ | ๊ฐœ์ˆ˜ | ํŒŒ์ผ/์œ„์น˜ | |-------------|-----|------------------------| | ๐Ÿ”ด CRITICAL | 1 | resources/handler.ts | | ๐ŸŸ  HIGH | 2 | textGuard.ts | | ๐ŸŸก MEDIUM | 3 | prompts/handler.ts | | ๐ŸŸข LOW | 5 | credentialScanner.ts | ``` #### 2. `threat-analysis` STRIDE ๋ฐฉ๋ฒ•๋ก ์„ ์‚ฌ์šฉํ•˜์—ฌ ์ž ์žฌ์  ๋ณด์•ˆ ์œ„ํ˜‘์„ ๋ถ„์„ํ•ฉ๋‹ˆ๋‹ค. ```json { "name": "threat-analysis", "arguments": { "scenario": "๋ถ„์„ํ•  ๋ณด์•ˆ ์‹œ๋‚˜๋ฆฌ์˜ค", "sensitivity_level": "public|internal|confidential|restricted" } } ``` **ํ”„๋ ˆ์ž„์›Œํฌ**: 1. ์ž์‚ฐ ์‹๋ณ„ 2. STRIDE ์œ„ํ˜‘ ๋ชจ๋ธ๋ง (์Šคํ‘ธํ•‘, ๋ณ€์กฐ, ๋ถ€์ธ ๋ฐฉ์ง€, ์ •๋ณด ๊ณต๊ฐœ, DoS, ๊ถŒํ•œ ์ƒ์Šน) 3. ์œ„ํ—˜ ํ‰๊ฐ€ (๊ฐ€๋Šฅ์„ฑ ร— ์˜ํ–ฅ) 4. ๊ณต๊ฒฉ ๋ฒกํ„ฐ ๋ถ„์„ 5. ์ œ์–ด ๊ฒฉ์ฐจ ์‹๋ณ„ 6. ์™„ํ™” ์ „๋žต 7. ๊ทœ์ • ์ค€์ˆ˜ ๊ณ ๋ ค ์‚ฌํ•ญ 8. ์‚ฌ๊ณ  ๋Œ€์‘ ๊ณ„ํš 9. **์š”์•ฝ ํ…Œ์ด๋ธ”** - ์‹ฌ๊ฐ๋„๋ณ„ ๋ชจ๋“  ์œ„ํ˜‘์˜ ์‹œ๊ฐ์  ๊ฐœ์š” **์š”์•ฝ ์ถœ๋ ฅ ์˜ˆ์‹œ**: ``` ๐Ÿ“Š ์š”์•ฝ | ์‹ฌ๊ฐ๋„ | ๊ฐœ์ˆ˜ | ์œ„ํ˜‘ ์œ ํ˜• | |-------------|-----|---------------------------------| | ๐Ÿ”ด CRITICAL | 2 | Information Disclosure, Spoofing | | ๐ŸŸ  HIGH | 1 | Elevation of Privilege | | ๐ŸŸก MEDIUM | 3 | Tampering, DoS | | ๐ŸŸข LOW | 1 | Repudiation | ``` ## ๋ณด์•ˆ ๊ธฐ๋Šฅ ### ๐Ÿ›ก๏ธ AI ์—์ด์ „ํŠธ ๋ณดํ˜ธ - **MCP ์ƒํ˜ธ ์ž‘์šฉ ์•ˆ์ „**: ๋‹ค์–‘ํ•œ MCP ์œ ํ˜•์— ๋Œ€ํ•œ ๋งฅ๋ฝ์  ๊ฐ€์ด๋“œ๋ผ์ธ - **์ž‘์—… ๊ฒ€์ฆ**: ์ฝ๊ธฐ/์“ฐ๊ธฐ/์‹คํ–‰ ์ž‘์—…์— ๋Œ€ํ•œ ํŠน์ • ์ฃผ์˜ ์‚ฌํ•ญ - **๋ฐ์ดํ„ฐ ๋ฏผ๊ฐ๋„ ์ฒ˜๋ฆฌ**: ๋ฐ์ดํ„ฐ ๋ถ„๋ฅ˜ ์ˆ˜์ค€์— ๊ธฐ๋ฐ˜ํ•œ ํ”„๋กœํ† ์ฝœ ### ๐Ÿ” ์ฝ˜ํ…์ธ  ๋ถ„์„ - **์‹ค์‹œ๊ฐ„ ์œ„ํ˜‘ ๊ฐ์ง€**: ์œ ํ•ดํ•œ ํŒจํ„ด์— ๋Œ€ํ•œ ์ฝ˜ํ…์ธ  ๋ถ„์„ - **ํ”„๋กฌํ”„ํŠธ ์ธ์ ์…˜ ๊ฐ์ง€**: OWASP LLM01:2025 ์ค€์ˆ˜ ํŒจํ„ด ๋งค์นญ - **์ž๊ฒฉ ์ฆ๋ช… ๋…ธ์ถœ ๋ฐฉ์ง€**: 50๊ฐœ ์ด์ƒ์˜ ๋…ธ์ถœ๋œ ์‹œํฌ๋ฆฟ ์œ ํ˜• ๊ฒ€์ƒ‰ - **API ๊ธฐ๋ฐ˜ ๋ถ„์„**: ๊ณ ๊ธ‰ AI ๊ธฐ๋ฐ˜ ์ฝ˜ํ…์ธ  ์•ˆ์ „์„ฑ ํ‰๊ฐ€ ### ๐ŸŒ URL ๋ณด์•ˆ - **ํ”ผ์‹ฑ ๊ฐ์ง€**: ์˜์‹ฌ์Šค๋Ÿฌ์šด ๋„๋ฉ”์ธ ๋ฐ ํ˜ธ๋ชจ๊ทธ๋ž˜ํ”„ ๊ณต๊ฒฉ ์‹๋ณ„ - **HTTPS ์ ์šฉ**: ์•ˆ์ „ํ•œ ํ”„๋กœํ† ์ฝœ ์‚ฌ์šฉ ๊ฒ€์ฆ - **์•…์„ฑ URL ์ฐจ๋‹จ**: ์•Œ๋ ค์ง„ ์œ„ํ˜‘ ์ง€ํ‘œ ํ™•์ธ ### ๐Ÿ“š ์ •์ฑ… ๋ฐ ์ค€์ˆ˜ - **๋ณด์•ˆ ์ฒดํฌ๋ฆฌ์ŠคํŠธ**: ๋ชจ๋“  MCP ์œ ํ˜•์— ๋Œ€ํ•œ ์‚ฌ์ „ ๊ตฌ์ถ•๋œ ์ฒดํฌ๋ฆฌ์ŠคํŠธ - **๋ฐ์ดํ„ฐ ๋ถ„๋ฅ˜**: ๋ฏผ๊ฐํ•œ ๋ฐ์ดํ„ฐ ์ฒ˜๋ฆฌ๋ฅผ ์œ„ํ•œ ๋ช…ํ™•ํ•œ ์ •์ฑ… - **์ ‘๊ทผ ์ œ์–ด**: ์ธ์ฆ ๋ฐ ๊ถŒํ•œ ๋ถ€์—ฌ ๊ฐ€์ด๋“œ๋ผ์ธ - **์‚ฌ๊ณ  ๋Œ€์‘**: ๋ณด์•ˆ ์‚ฌ๊ณ ์— ๋Œ€ํ•œ ๊ตฌ์กฐํ™”๋œ ์ ˆ์ฐจ ### ๐Ÿ”’ ์›Œํฌํ”Œ๋กœ์šฐ ์˜ค์ผ€์ŠคํŠธ๋ ˆ์ด์…˜ - **๋ณด์•ˆ ๊ฒ€ํ†  ํ”„๋กฌํ”„ํŠธ**: ๋‹ค๋‹จ๊ณ„ ๊ฒ€ํ†  ์›Œํฌํ”Œ๋กœ์šฐ - **์œ„ํ˜‘ ๋ถ„์„**: STRIDE ๊ธฐ๋ฐ˜ ์œ„ํ˜‘ ๋ชจ๋ธ๋ง - **์ž๋™ํ™”๋œ ๊ฐ์‚ฌ**: ํฌ๊ด„์ ์ธ ๊ฒ€์‚ฌ๋ฅผ ์œ„ํ•œ ์—ฌ๋Ÿฌ ๋„๊ตฌ ๊ฒฐํ•ฉ ## ๊ฐœ๋ฐœ ```bash # ์ €์žฅ์†Œ ๋ณต์ œ git clone https://github.com/AIM-Intelligence/AIM-MCP.git cd AIM-MCP # ์˜์กด์„ฑ ์„ค์น˜ pnpm install # ํ”„๋กœ์ ํŠธ ๋นŒ๋“œ pnpm run build # ๊ฐœ๋ฐœ ๋ชจ๋“œ๋กœ ์‹คํ–‰ pnpm run dev # ํ…Œ์ŠคํŠธ ์‹คํ–‰ pnpm test ``` ## ๋ฐฐํฌ ์ด ํ”„๋กœ์ ํŠธ๋Š” NPM์— ์›ํ™œํ•˜๊ฒŒ ๋ฐฐํฌํ•˜๊ธฐ ์œ„ํ•œ ์ž๋™ํ™”๋œ CI/CD ํŒŒ์ดํ”„๋ผ์ธ์„ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ### ์ž๋™ ๋ฐฐํฌ `main` ๋ธŒ๋žœ์น˜์— ํ‘ธ์‹œํ•˜๋ฉด GitHub Actions๊ฐ€ ์ž๋™์œผ๋กœ: 1. **๋นŒ๋“œ ๋ฐ ํ…Œ์ŠคํŠธ**: TypeScript ์ปดํŒŒ์ผ ๋ฐ ํ…Œ์ŠคํŠธ ์‹คํ–‰ 2. **๋ฒ„์ „ ํ™•์ธ**: ํ˜„์žฌ ๋ฒ„์ „๊ณผ ๊ฒŒ์‹œ๋œ ๋ฒ„์ „ ๋น„๊ต 3. **NPM์— ๊ฒŒ์‹œ**: ๋ฒ„์ „์ด ๋ณ€๊ฒฝ๋˜๋ฉด ์ž๋™์œผ๋กœ ๊ฒŒ์‹œ 4. **๋ฆด๋ฆฌ์Šค ์ƒ์„ฑ**: ๋ฒ„์ „ ํƒœ๊ทธ์™€ ํ•จ๊ป˜ GitHub ๋ฆด๋ฆฌ์Šค ์ƒ์„ฑ ### ์ˆ˜๋™ ๋ฒ„์ „ ๊ด€๋ฆฌ ```bash # ํŒจ์น˜ ๋ฒ„์ „ ์ฆ๊ฐ€ (1.0.0 -> 1.0.1) pnpm run release:patch # ๋งˆ์ด๋„ˆ ๋ฒ„์ „ ์ฆ๊ฐ€ (1.0.0 -> 1.1.0) pnpm run release:minor # ๋ฉ”์ด์ € ๋ฒ„์ „ ์ฆ๊ฐ€ (1.0.0 -> 2.0.0) pnpm run release:major ``` ### NPM ํ† ํฐ ์„ค์ • ์ž๋™ ๋ฐฐํฌ๋ฅผ ํ™œ์„ฑํ™”ํ•˜๋ ค๋ฉด GitHub Secrets์— NPM ํ† ํฐ์„ ์ถ”๊ฐ€ํ•˜์„ธ์š”: 1. [npmjs.com](https://www.npmjs.com)์œผ๋กœ ์ด๋™ํ•˜์—ฌ ์ž๋™ํ™” ํ† ํฐ ์ƒ์„ฑ 2. GitHub ์ €์žฅ์†Œ์—์„œ Settings > Secrets and variables > Actions๋กœ ์ด๋™ 3. NPM ํ† ํฐ ๊ฐ’์œผ๋กœ `NPM_TOKEN`์ด๋ผ๋Š” ์ƒˆ ์‹œํฌ๋ฆฟ ์ถ”๊ฐ€ ### ๋ฐฐํฌ ์›Œํฌํ”Œ๋กœ์šฐ ```mermaid graph LR A[main์— ํ‘ธ์‹œ] --> B[GitHub Actions] B --> C[๋นŒ๋“œ & ํ…Œ์ŠคํŠธ] C --> D[๋ฒ„์ „ ํ™•์ธ] D --> E{๋ฒ„์ „ ๋ณ€๊ฒฝ?} E -->|์˜ˆ| F[NPM์— ๊ฒŒ์‹œ] E -->|์•„๋‹ˆ์˜ค| G[๋ฐฐํฌ ๊ฑด๋„ˆ๋›ฐ๊ธฐ] F --> H[GitHub ๋ฆด๋ฆฌ์Šค ์ƒ์„ฑ] F --> I[Git ํƒœ๊ทธ ์ƒ์„ฑ] ``` ## ๊ธฐ์—ฌํ•˜๊ธฐ 1. ์ €์žฅ์†Œ ํฌํฌ 2. ๊ธฐ๋Šฅ ๋ธŒ๋žœ์น˜ ์ƒ์„ฑ (`git checkout -b feature/amazing-feature`) 3. ๋ณ€๊ฒฝ ์‚ฌํ•ญ ์ปค๋ฐ‹ (`git commit -m 'Add some amazing feature'`) 4. ๋ธŒ๋žœ์น˜์— ํ‘ธ์‹œ (`git push origin feature/amazing-feature`) 5. Pull Request ์—ด๊ธฐ ## ๋ผ์ด์„ ์Šค ์ด ํ”„๋กœ์ ํŠธ๋Š” ISC ๋ผ์ด์„ ์Šค๋ฅผ ๋”ฐ๋ฆ…๋‹ˆ๋‹ค - ์ž์„ธํ•œ ๋‚ด์šฉ์€ [LICENSE](LICENSE) ํŒŒ์ผ์„ ์ฐธ์กฐํ•˜์„ธ์š”. ## ๋ฌธ์„œ - ๐Ÿ“š **[MCP ๊ตฌ์„ฑ ์š”์†Œ ๊ฐ€์ด๋“œ](./MCP_COMPONENTS_GUIDE.md)**: ๋„๊ตฌ, ๋ฆฌ์†Œ์Šค ๋ฐ ํ”„๋กฌํ”„ํŠธ์— ๋Œ€ํ•œ ํฌ๊ด„์ ์ธ ๊ฐ€์ด๋“œ - ๐Ÿ“– **[GitHub Wiki](https://github.com/AIM-Intelligence/AIM-MCP/wiki)**: ์ถ”๊ฐ€ ๋ฌธ์„œ ๋ฐ ์˜ˆ์ œ - ๐Ÿ” **[MCP ์‚ฌ์–‘](https://modelcontextprotocol.io/)**: ๊ณต์‹ Model Context Protocol ๋ฌธ์„œ ## ์ง€์› - ๐Ÿ“ง ์ด๋ฉ”์ผ: support@aim-intelligence.com - ๐Ÿ› ์ด์Šˆ: [GitHub Issues](https://github.com/AIM-Intelligence/AIM-MCP/issues) - ๐Ÿ’ฌ ํ† ๋ก : [GitHub Discussions](https://github.com/AIM-Intelligence/AIM-MCP/discussions) --- [AIM Intelligence](https://github.com/AIM-Intelligence)๊ฐ€ โค๏ธ๋ฅผ ๋‹ด์•„ ์ œ์ž‘ํ–ˆ์Šต๋‹ˆ๋‹ค