pangea-mcp-proxy
Verified Safeby pangeacyber
Overview
The Pangea MCP proxy secures communications between an MCP client and any MCP server by running all MCP I/O through Pangea AI Guard to block prompt injections, malicious content, and PII.
Installation
npx -y @pangeacyber/mcp-proxyEnvironment Variables
- PANGEA_VAULT_TOKEN
- PANGEA_VAULT_ITEM_ID
- PANGEA_BASE_URL_TEMPLATE
- APP_ID
- APP_NAME
Security Notes
The server's primary function is to enhance security by acting as a proxy that routes client-server communications through Pangea AI Guard for threat detection and data protection. It uses Pangea Vault to securely fetch the AI Guard API token, which is a good practice for secret management and token rotation. Environment variables are used for sensitive API tokens (Vault token, Vault item ID) instead of hardcoding. The code does not use `eval` or other obvious dynamic code execution on arbitrary user input. `JSON.parse` is used for tool arguments and outputs, assuming the Pangea AI Guard service has already performed its sanitization and validation. The overall design emphasizes security via integration with a dedicated security service.
Similar Servers
mcphub
An orchestration hub that aggregates, manages, and routes Model Context Protocol (MCP) servers and their tools, providing a centralized interface, user management, OAuth 2.0 authorization server capabilities, and AI-powered tool discovery and routing.
jetski
Jetski is an open-source platform providing analytics, authentication, and simplified client setup for Model Context Protocol (MCP) servers by acting as a proxy.
mcpproxy-go
MCPProxy super-charges AI agents with intelligent tool discovery, massive token savings, and built-in security quarantine against malicious Model Context Protocol (MCP) servers.
emceepee
A proxy server enabling AI agents to dynamically connect to and interact with multiple Model Context Protocol (MCP) backend servers, exposing the full MCP protocol via a simplified tool interface or a sandboxed JavaScript execution environment.