How much does it cost to self-host GuardVibe?

GuardVibe can be self-hosted starting at $4.13/mo on hetzner CAX11. Detected requirements: 4GB RAM, 40GB disk.

How hard is GuardVibe to self-host?

GuardVibe has a self-hosting difficulty score of 3/5 (1 = one-click, 5 = complex Kubernetes setup).

GuardVibe by goklab

TypeScript Apache-2.0 SECURITY.md

Security MCP for vibe coding. 390 rules, 36 tools, CLI + doctor. Host security, auth coverage mapping, LLM-powered deep scan (IDOR/business logic), taint analysis for Next.js, Supabase, Clerk, Stripe, Prisma, Drizzle, Hono, GraphQL, AI SDK, MCP, and the full AI-native stack.

ai-securityclaudeclerkcursormcpnextjsowaspprismasastsecuritystripesupabase

Verdict 48/100 health $4.13/mo cheapest, hetzner 3/5 setup difficulty Last release 4 days ago

Deploy GuardVibe on hetzner → View on GitHub

Health score

48 /100

6-dim composite

Self-hosts from

$4.13 /mo

hetzner · CAX11

Difficulty

3 /5

External DB / setup

GitHub stars

0 forks

About GuardVibe

From the project's README at github.com/goklab/guardvibe. Lightly cleaned for readability; for the full source see the upstream repo.

[](https://www.npmjs.com/package/guardvibe) [](https://opensource.org/licenses/Apache-2.0) [](https://github.com/goklab/guardvibe/actions/workflows/ci.yml) [](https://www.npmjs.com/package/guardvibe) [](https://codecov.io/gh/goklab/guardvibe)

The security MCP built for vibe coding. 390 security rules, 36 tools covering the entire AI-generated code journey, from first line to production deployment.

Works with Claude Code, Cursor, Gemini CLI, Codex, VS Code (Copilot), Windsurf, and any MCP-compatible coding agent. Why GuardVibe

Most security tools are built for enterprise security teams. GuardVibe is built for you, the developer using AI to build and ship web apps fast. 390 security rules, 36 tools purpose-built for the stacks AI agents generate Zero setup friction, and you're scanning No account required, runs 100% locally, no API keys, no cloud Understands your stack, not generic SAST, but rules that know Next.js, Supabase, Stripe, Clerk, and the tools you actually use CVE version intelligence, detects 23 known vulnerable package versions

Health score breakdown

6-dimension composite. See methodology for formula and weights.

activity

maturity

community

security

sustainability

adoption

Adoption signals

Real-world usage data, pulled from each registry. The bigger the numbers, the more battle-tested the project.

Signal	Value	Source
GitHub stars	1	github.com/goklab/guardvibe
GitHub forks	0	github.com/goklab/guardvibe
NPM downloads (last month)	10k	guardvibe

Release & maintenance

Is this project actively maintained, or about to die? Check the recency of last commit and last release.

Project age	0.1 years	since Mar 2026
Last commit	4 days ago	May 3, 2026
Releases shipped	132	last: 4 days ago
Security policy	SECURITY.md	declared by maintainers

Self-hosting cost across providers

Detected requirements: 4GB RAM, 40GB disk minimum. Cheapest plan per provider that meets the requirement.

Provider	Plan	Specs	Monthly
hetzner	CAX11	2c · 4GB · 40GB	$4.13 USD	Deploy →
vultr	VC2	1c · 1GB · 25GB	$5 USD	Deploy →
linode	Nanode 1GB	1c · 1GB · 25GB	$5.12 USD	Deploy →
digitalocean	Basic Regular 1GB	1c · 1GB · 25GB	$6 USD	Deploy →