After a real trojan slipped through my MCP marketplace last week (Trojan:Win64/Lazy.PGPK!MTB hidden in a nested zip), I went deep on defense-in-depth. The result is 8 layers running in production at marketnow.site.
Here's what each layer actually catches — with concrete examples.
Layer 1: L1.5 — Metadata checks (6 rules)
The cheapest layer. Runs on every skill's metadata (name, description, system_prompt, install command).
Catches:






