MCP-Security-Proxy
by polymons
Overview
Transparent security proxy for LLM tool interactions, employing ensemble anomaly detection to classify requests as benign or malicious.
Installation
docker compose up -d --build
Environment Variables
- CLOUD_LLM_PROVIDER (openai or gemini; selects which cloud API key below must be set)
- CLOUD_OPENAI_API_KEY (required if CLOUD_LLM_PROVIDER=openai)
- CLOUD_GOOGLE_API_KEY (required if CLOUD_LLM_PROVIDER=gemini)
- LLM_MODEL_PATH (default: /app/models/llama-2-7b-chat.Q4_K_M.gguf)
- MCP_SERVERS (comma-separated list of tool server URLs the proxy fronts, e.g., http://tool-filesystem:8080)
Security Notes
The MCP Bridge (security proxy) component is the hardened part of the system. It runs an ensemble of rule-based, statistical, and semantic detectors over every tool request, isolates the tool servers on an internal Docker network (mcp-secure) so they are reachable only through the proxy, and blocks fail-safe: a request the proxy cannot clear is dropped rather than forwarded.

The underlying MCP tool servers (filesystem, sqlite, time, fetch, memory) are intentionally vulnerable, because the project exists to measure the proxy's detection capabilities. Known weaknesses include SQL injection (queries passed straight to `cursor.execute`), command injection through the timezone parameter of the time tool, and path traversal in the filesystem tool when `SAFE_MODE=false`. Any bypass of the proxy (for example a tool port published to the host, a tool container attached to a network other than mcp-secure, or a client that talks to a tool URL directly) exposes these vulnerabilities with no mitigation at all.

The `is_safe_to_run` assessment therefore holds only while the proxy fronts every tool server; do not run the tool containers standalone or outside the mcp-secure network.
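The following is an added illustration written for this page, not the project's own code, of how an ensemble classifier with fail-safe blocking of the kind described above can be structured: a rule-based detector with signatures for the three attack classes named (SQL injection, command injection via a timezone argument, path traversal), a statistical detector that flags arguments with an unusual density of symbol characters, and an aggregator that blocks whenever a detector crashes instead of letting the request through. The tool names, argument shapes, regexes, weights, thresholds and sample requests are all constructed assumptions.

```python
"""Added example for this page (not MCP-Security-Proxy project code): a toy
ensemble classifier for MCP tool calls with fail-safe blocking.  Detector
rules, thresholds, weights, tool names and sample requests are assumptions."""
import re
from dataclasses import dataclass, field


@dataclass
class ToolCall:
    tool: str          # e.g. "sqlite.query" (assumed naming)
    arguments: dict    # JSON argument object as sent by the LLM client


@dataclass
class Verdict:
    malicious: bool
    score: float
    reasons: list = field(default_factory=list)


def string_args(arguments, prefix=""):
    """Yield (dotted_name, value) for every string inside a nested argument object."""
    if isinstance(arguments, str):
        yield prefix, arguments
    elif isinstance(arguments, dict):
        for key, value in arguments.items():
            yield from string_args(value, f"{prefix}.{key}" if prefix else key)
    elif isinstance(arguments, list):
        for i, value in enumerate(arguments):
            yield from string_args(value, f"{prefix}[{i}]")


# Rule-based detector: signatures for the attack classes the tool servers are
# deliberately vulnerable to.  Illustrative, not exhaustive; a real proxy would
# scope each rule to the tools whose argument schema makes it relevant.
RULES = {
    # tautologies (OR 1=1, '1'='1'), UNION SELECT, stacked DML, comment truncation
    "sql_injection": re.compile(
        r"\b(?:or|and)\b\s*['\"]?(\w+)['\"]?\s*=\s*['\"]?\1"
        r"|union\s+select|;\s*(?:drop|delete|insert|update|alter)\b|--",
        re.IGNORECASE),
    # shell metacharacters that would chain a second command onto a timezone value
    "command_injection": re.compile(r"[&|`]|\$\(|;\s*\S"),
    # ../ segments, raw or percent-encoded
    "path_traversal": re.compile(r"(^|[\\/])\.\.([\\/]|$)|%2e%2e", re.IGNORECASE),
}


def rule_detector(call):
    hits = [f"rule:{label} in argument '{name}'"
            for name, value in string_args(call.arguments)
            for label, pattern in RULES.items() if pattern.search(value)]
    return (1.0 if hits else 0.0), hits


# Statistical detector: density of characters outside the benign alphabet of
# paths, timezones and plain SQL.  The threshold is an assumption; in practice
# it would be fitted on recorded benign traffic.
SYMBOL_RE = re.compile(r"[^\w\s./:\-]")
SYMBOL_RATIO_LIMIT = 0.25


def statistical_detector(call):
    worst, reasons = 0.0, []
    for name, value in string_args(call.arguments):
        if len(value) < 8:       # too short for a ratio to mean anything
            continue
        ratio = len(SYMBOL_RE.findall(value)) / len(value)
        worst = max(worst, ratio)
        if ratio > SYMBOL_RATIO_LIMIT:
            reasons.append(f"stat:symbol ratio {ratio:.2f} in argument '{name}'")
    return min(1.0, worst / SYMBOL_RATIO_LIMIT), reasons


# (name, detector, weight): a rule hit alone crosses the threshold, a
# statistical anomaly alone only raises the score.
DETECTORS = [("rules", rule_detector, 0.6), ("stats", statistical_detector, 0.4)]
BLOCK_THRESHOLD = 0.5


def classify(call, detectors=DETECTORS):
    """Weighted ensemble vote.  Fail-safe: a detector that raises blocks the request."""
    total, reasons = 0.0, []
    for name, detector, weight in detectors:
        try:
            score, why = detector(call)
        except Exception as exc:
            return Verdict(True, 1.0, reasons + [f"{name} failed ({exc!r}); blocking fail-safe"])
        total += weight * score
        reasons.extend(why)
    return Verdict(total >= BLOCK_THRESHOLD, round(total, 3), reasons)


# Constructed sample traffic: one benign and one hostile call per vulnerable tool.
SAMPLE_CALLS = [
    ToolCall("sqlite.query", {"sql": "SELECT name FROM users WHERE id = 7"}),
    ToolCall("sqlite.query", {"sql": "SELECT name FROM users WHERE name = '' OR '1'='1"}),
    ToolCall("time.now", {"timezone": "Europe/Berlin"}),
    ToolCall("time.now", {"timezone": "UTC; cat /etc/passwd"}),
    ToolCall("filesystem.read", {"path": "notes/todo.md"}),
    ToolCall("filesystem.read", {"path": "../../etc/passwd"}),
]

if __name__ == "__main__":
    for call in SAMPLE_CALLS:
        v = classify(call)
        print("BLOCK " if v.malicious else "ALLOW ", call.tool, call.arguments, v.score, v.reasons)
```

The point of the `try`/`except` in `classify` is the fail-safe property the proxy advertises: a detector that throws on unexpected input must turn into a block, never into a pass-through, because behind the proxy sit tool servers that will happily execute whatever reaches them.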