Guardian MCP Server

MCP Guardian provides a comprehensive solution for managing your LLM assistant's access to MCP servers. It gives you real-time control over your LLM's activity through message logging, approval workflows, and automated scanning capabilities. The tool makes it easy to manage multiple MCP server configurations and quickly switch between server collections without manual configuration management.

Introduction

MCP Guardian is a powerful tool designed to help you manage, proxy, and secure your Model Context Protocol (MCP) servers. It provides real-time control over your LLM assistant's interactions with MCP servers through comprehensive logging, approval workflows, and automated scanning capabilities.

Key Features

Message Logging: View detailed traces of all LLM interactions with MCP servers
Message Approvals: Approve or deny individual tool call messages in real time
Automated Message Scans: Implement real-time automated checks for safety, privacy, and more (Coming Soon)
MCP Server Configuration Management: Easily switch between different server configurations without manual file management

Installation

MCP Guardian can be installed and used on Linux, macOS, and Windows platforms.

Linux/macOS Installation

Install Nix package manager:

curl -L https://nixos.org/nix/install | sh

Enable Nix flakes:

sudo sh -c 'echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf'

Clone the repository:

git clone https://github.com/eqtylab/mcp-guardian.git
cd mcp-guardian

Enter the development shell:
```
nix develop
```
Build the project:
```
just build-release
```
The mcp-guardian and mcp-guardian-proxy executables will be available in the _build/bin/ directory.

Windows Installation

Install Git with symlink support: https://git-scm.com/downloads/win
Install Rust: https://www.rust-lang.org/tools/install
Install Node.js: https://nodejs.org/en/download
Install Yarn:
```
npm install --global yarn
```
Install Visual Studio with C++ development packages: https://visualstudio.microsoft.com/downloads/
Install Just:
```
cargo install just
```

Clone the repository:

git clone https://github.com/eqtylab/mcp-guardian.git
cd mcp-guardian

Build the project:
```
just build-release
```

Usage

After building the project, you can use MCP Guardian to manage your MCP servers. The tool provides two main components:

mcp-guardian: The main application for managing MCP server configurations
mcp-guardian-proxy: A proxy server that intercepts and controls communications between LLMs and MCP servers

Basic Commands

Start the MCP Guardian proxy server:
```
mcp-guardian-proxy
```
Configure MCP Guardian:
```
mcp-guardian config
```
View logs of MCP server interactions:
```
mcp-guardian logs
```
Approve or deny pending tool call messages:
```
mcp-guardian approve
```

Configuration

MCP Guardian allows you to manage multiple MCP server configurations. You can create different profiles for various use cases and switch between them as needed.

To configure your MCP servers, use the configuration interface provided by the mcp-guardian command-line tool. This will allow you to specify server endpoints, authentication details, and security policies.

Advanced Features

Message Interception and Approval Workflow

MCP Guardian can intercept messages between LLMs and MCP servers, allowing you to:

Review tool call requests before they're executed
Approve or deny specific actions
Modify parameters if needed

Automated Scanning

The upcoming automated scanning feature will allow you to set up rules to automatically check messages for:

Security concerns
Privacy issues
Compliance with organizational policies

Server Management

MCP Guardian simplifies the management of multiple MCP server configurations, making it easy to:

Switch between different server collections
Update server endpoints
Manage authentication credentials
Configure security policies