governmcp
Verified Safeby serkan-uz
Overview
Centralized governance for Model Context Protocol (MCP) servers, enabling policy enforcement, capability token issuance, and audit logging for LLM integrations.
Installation
cp .env.example .env && docker compose up --buildEnvironment Variables
- GOVERNMCP_SECRET
- GOVERNMCP_JWT_PRIVATE_KEY
- GOVERNMCP_JWT_PUBLIC_KEY
Security Notes
The server implements robust security practices including API key authentication, role-based access control, JWT-based capability tokens signed with RSA, Fernet encryption for stored credentials, and comprehensive audit logging. Destructive actions are explicitly blocked regardless of policy. A broad CORS policy `allow_origins=['*']` is set for the API in `api/main.py`, which is generally acceptable for development but should be narrowed to specific trusted origins in a production environment.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers for integration with LLM agents and other applications.
mcp-context-forge
A comprehensive Model Context Protocol (MCP) gateway and proxy that unifies REST, MCP, and A2A services, providing features like federation, virtual servers, rate-limiting, security, and an optional admin UI for managing web content and file conversions to markdown.
mcphub
A hub for managing, orchestrating, and providing a unified API for various Model Context Protocol (MCP) servers and their tools, including user management, OAuth services, and discovery of external servers.
mcp-omnisearch
Provides a unified interface for LLMs to access multiple web search, AI response, content processing, and enhancement tools from various providers through the Model Context Protocol (MCP).