Secure-MCP-Gateway
Verified Safe by nik-kale
Overview
A security-first gateway for AI agents to interact with external tools and infrastructure, enforcing policies, human approvals, and comprehensive auditing.
Installation
docker-compose up --build
Environment Variables
- NODE_ENV
- REDIS_URL
- LOG_LEVEL
- APPROVAL_TTL
- JIRA_URL
- JIRA_EMAIL
- JIRA_TOKEN
- JWT_SECRET
- API_KEYS
- CORS_ORIGIN
- WEBHOOK_URL
- WEBHOOK_EVENTS
- WEBHOOK_SECRET
- WEBHOOK_FORMAT
- SMCP_API_URL
- SMCP_API_KEY
- OIDC_ISSUER
- OIDC_CLIENT_ID
- OIDC_CLIENT_SECRET
- OIDC_REDIRECT_URI
- OIDC_ROLE_CLAIM
- PORT
Security Notes
The project emphasizes a 'security-first' design with comprehensive input validation (Zod), automatic PII/secret redaction in logs, policy-based access control, human-in-the-loop approvals, and structured audit logging. It utilizes security middleware like Helmet.js and `express-rate-limit`. Authentication with JWT and API keys is implemented, alongside OIDC integration. Key security considerations for deployment include an explicitly noted placeholder `JWT_SECRET` that *must* be changed in production, and a statement in `SECURITY_MODEL.md` that internal TLS/encryption is out of scope, relying on external transport (e.g., a reverse proxy). The provided Docker Compose setup for Redis lacks explicit authentication configuration, which can be a risk if not deployed in a trusted network or with additional Redis security measures.
Similar Servers
keyboard-local
Enables AI clients to execute real-world tasks through connected third-party tools (APIs, CLIs, SDKs) with human approval, leveraging a secure GitHub Codespace environment.
mcp-image
The MCP server enables AI assistants to generate and edit images using Google's Gemini 3 Pro Image, with intelligent prompt optimization provided by Gemini 2.0 Flash.
1mcp
Orchestrates AI agent tool calls by executing JavaScript/TypeScript code in a WASM sandbox, reducing LLM context bloat and managing security policies.
mdk-mcp-server
Provides AI agents with comprehensive SAP Mobile Development Kit (MDK) knowledge and tools to assist in MDK application development, including project creation, artifact generation (pages, actions, i18n, rules), project management (build, deploy, validate, migrate), and documentation access.