Secure_GenAI_Gateway_and_MCP_Server
Verified Safe by vijayyarabolu
Overview
A secure serverless gateway for accessing Large Language Models (LLMs) via Amazon Bedrock, incorporating input sanitization and routing.
Installation
sam build && sam deploy --guided
Security Notes
The `sanitize_input` function provides only basic blocking of a hardcoded word list (`password`, `secret_key`, `ssn`) and explicitly notes that it is not as sophisticated as dedicated libraries (e.g., Microsoft Presidio). The README mentions a 'Prompt Firewall' to prevent jailbreaks, but the provided `lambda_function.py` contains no explicit logic for system prompt enforcement or prompt injection prevention beyond that basic word list. This is a gap between the described features and the implemented code. There are no hardcoded secrets or `eval` statements. The serverless architecture and the IAM policy scoped to Bedrock invocation (`bedrock:InvokeModel`) are good security practices.
Similar Servers
bifrost
A high-performance AI gateway with a unified interface for multiple LLM providers, offering real-time monitoring and configuration.
run-model-context-protocol-servers-with-aws-lambda
This project provides a CDK pipeline to automate the deployment of Model Context Protocol (MCP) servers as AWS Lambda functions, offering client transports for Lambda invocation and SigV4 HTTP, and server adapters/handlers for various AWS Lambda event models.
swagger2mcp
Transforms OpenAPI/Swagger specifications into Model Context Protocol (MCP) servers, enabling secure and accurate LLM interaction with APIs.
MCP-Gateway
A federated gateway service for the Model Context Protocol (MCP) that aggregates multiple MCP servers into a single, namespaced, authenticated endpoint for AI agents like Claude.