
shieldmcp
Un escudo para el registro, la depuración profunda y la desinfección para los servidores MCP en la etapa de desarrollo
1
Github Watches
0
Github Forks
2
Github Stars
Shield MCP
A security middleware for Model Context Protocol (MCP) servers that enhances security and monitoring capabilities without modifying the official SDK. This package provides tools for securing and monitoring MCP tool calls, following the best practices outlined in the MCP documentation. Abstract yourself while interact at MCP development.
Table of Contents
- Features
- Requirements
- Installation
- Quick Start
- Components
- Best Practices
- Development
- Roadmap
- Acknowledgments
Features
- Tool Access Control: Whitelist-based access control for MCP tools
- Result Sanitization: Configurable sanitization of tool outputs
- Structured Logging: Comprehensive audit logging using structlog
- Rate Limiting: Token bucket algorithm for rate limiting
- Error Handling: Standardized error handling and formatting
- MCP Inspector Compatible: Works seamlessly with the MCP Inspector tool
Requirements
System Requirements
- Python 3.8 or higher
- pip (Python package installer)
- virtualenv (recommended for development)
Quick Start
from shieldmcp import secure_tool
from shieldmcp.sanitizers import ToolSanitizer
from shieldmcp.rate_limit import RateLimitConfig
# Define allowed tools
ALLOWED_TOOLS = {"search", "read_file", "write_file"}
# Create a text sanitizer
text_sanitizer = ToolSanitizer.createTextSanitizer(
max_length=1000,
sensitive_patterns=[
r"\b\d{16}\b", # Credit card numbers
r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b" # Email addresses
]
)
# Configure rate limiting
rate_limit = RateLimitConfig(
requests_per_minute=60, # 1 request per second
burst_size=10 # Allow bursts of up to 10 requests
)
# Apply the decorator to your MCP tools
@secure_tool(
allowed_tools=ALLOWED_TOOLS,
sanitize_fn=text_sanitizer,
user_id="user123",
session_id="session456",
rate_limit=rate_limit
)
def search(query: str):
# Your tool implementation
return results
Components
Decorators (decorators.py
)
The main @secure_tool
decorator that orchestrates all security features:
@secure_tool(
allowed_tools={"tool1", "tool2"}, # Set of allowed tool names
sanitize_fn=your_sanitizer, # Optional result sanitization function
user_id="user123", # Optional user identifier
session_id="session456", # Optional session identifier
rate_limit=RateLimitConfig( # Optional rate limit configuration
requests_per_minute=60,
burst_size=10
)
)
def your_tool():
pass
Audit Logging (audit.py
)
Structured logging using structlog:
from shieldmcp import ToolAudit
audit = ToolAudit()
audit.logToolCallStart(
tool_name="search",
args={"query": "test"},
user_id="user123"
)
Access Control (access.py
)
Tool access validation:
from shieldmcp import ToolAccess
access = ToolAccess(allowed_tools={"tool1", "tool2"})
access.validateToolAccess("tool1") # Raises ValueError if not allowed
Sanitizers (sanitizers.py
)
Result sanitization utilities:
from shieldmcp import ToolSanitizer
# Create a custom sanitizer
sanitizer = ToolSanitizer.createTextSanitizer(
max_length=1000,
sensitive_patterns=[r"\b\d{16}\b"]
)
# Use it directly
clean_text = sanitizer("Your text with sensitive data")
Rate Limiting (rate_limit.py
)
Token bucket rate limiting:
from shieldmcp import RateLimitConfig
# Configure rate limits
config = RateLimitConfig(
requests_per_minute=60,
burst_size=10
)
Best Practices
Tool Access Control
- Always define a whitelist of allowed tools
- Use the most restrictive set of tools possible
- Regularly review and update the whitelist
Result Sanitization
- Sanitize all text output
- Define patterns for sensitive data
- Set reasonable length limits
Logging
- Include user and session IDs when available
- Log both successful and failed operations
- Use structured logging for better analysis
Rate Limiting
- Set appropriate limits based on tool complexity
- Consider burst sizes for better user experience
- Monitor rate limit hits in logs
Development
Setup Development Environment
# Clone the repository
git clone https://github.com/shieldmcp/shieldmcp.git
cd shieldmcp
# Create virtual environment
python -m venv venv
source venv/bin/activate # or `venv\Scripts\activate` on Windows
# Install development dependencies
pip install -r requirements.txt
Running Tests
pytest tests/
Roadmap
Planned Features
- Support for Clerk MCP and Github MCP
- Extended documentation
- TypeScript support
Acknowledgments
- Model Context Protocol for the protocol specification
- structlog for structured logging
Feel free to make any inquiries.
相关推荐
I find academic articles and books for research and literature reviews.
Confidential guide on numerology and astrology, based of GG33 Public information
Converts Figma frames into front-end code for various mobile frameworks.
Advanced software engineer GPT that excels through nailing the basics.
Take an adjectivised noun, and create images making it progressively more adjective!
Embark on a thrilling diplomatic quest across a galaxy on the brink of war. Navigate complex politics and alien cultures to forge peace and avert catastrophe in this immersive interstellar adventure.
Descubra la colección más completa y actualizada de servidores MCP en el mercado. Este repositorio sirve como un centro centralizado, que ofrece un extenso catálogo de servidores MCP de código abierto y propietarios, completos con características, enlaces de documentación y colaboradores.
Manipulación basada en Micrypthon I2C del expansor GPIO de la serie MCP, derivada de AdaFruit_MCP230xx
La aplicación AI de escritorio todo en uno y Docker con trapo incorporado, agentes de IA, creador de agentes sin código, compatibilidad de MCP y más.
Un poderoso complemento Neovim para administrar servidores MCP (protocolo de contexto del modelo)
Servidor MCP para obtener contenido de la página web con el navegador sin cabeza de dramaturgo.
Puente entre los servidores Ollama y MCP, lo que permite a LLM locales utilizar herramientas de protocolo de contexto del modelo
🧑🚀 全世界最好的 llM 资料总结(数据处理、模型训练、模型部署、 O1 模型、 MCP 、小语言模型、视觉语言模型) | Resumen de los mejores recursos del mundo.
Reviews

user_nA4yyF0o
ShieldMCP is an essential tool for anyone working with MCP applications. It offers robust protection and seamless integration with your workflows, making it a must-have for developers. The interface is intuitive, and the setup process is straightforward. As a loyal MCP user, I highly recommend giving ShieldMCP a try! Check it out here: https://github.com/shieldmcp/shieldmcp.