A shield for logging, deep debug and sanitization for MCP servers at development stage
A security middleware for Model Context Protocol (MCP) servers that enhances security and monitoring capabilities without modifying the official SDK. This package provides tools for securing and monitoring MCP tool calls, following the best practices outlined in the MCP documentation. Abstract yourself while interact at MCP development.
from shieldmcp import secure_tool
from shieldmcp.sanitizers import ToolSanitizer
from shieldmcp.rate_limit import RateLimitConfig
## Define allowed tools
ALLOWED_TOOLS = {"search", "read_file", "write_file"}
## Create a text sanitizer
text_sanitizer = ToolSanitizer.createTextSanitizer(
max_length=1000,
sensitive_patterns=[
r"\b\d{16}\b", # Credit card numbers
r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+.[A-Z|a-z]{2,}\b" # Email addresses
]
)
## Configure rate limiting
rate_limit = RateLimitConfig(
requests_per_minute=60, # 1 request per second
burst_size=10 # Allow bursts of up to 10 requests
)
## Apply the decorator to your MCP tools
@secure_tool(
allowed_tools=ALLOWED_TOOLS,
sanitize_fn=text_sanitizer,
user_id="user123",
session_id="session456",
rate_limit=rate_limit
)
def search(query: str):
# Your tool implementation
return results
decorators.py)The main @secure_tool decorator that orchestrates all security features:
@secure_tool(
allowed_tools={"tool1", "tool2"}, # Set of allowed tool names
sanitize_fn=your_sanitizer, # Optional result sanitization function
user_id="user123", # Optional user identifier
session_id="session456", # Optional session identifier
rate_limit=RateLimitConfig( # Optional rate limit configuration
requests_per_minute=60,
burst_size=10
)
)
def your_tool():
pass
audit.py)Structured logging using structlog:
from shieldmcp import ToolAudit
audit = ToolAudit()
audit.logToolCallStart(
tool_name="search",
args={"query": "test"},
user_id="user123"
)
access.py)Tool access validation:
from shieldmcp import ToolAccess
access = ToolAccess(allowed_tools={"tool1", "tool2"})
access.validateToolAccess("tool1") # Raises ValueError if not allowed
sanitizers.py)Result sanitization utilities:
from shieldmcp import ToolSanitizer
## Create a custom sanitizer
sanitizer = ToolSanitizer.createTextSanitizer(
max_length=1000,
sensitive_patterns=[r"\b\d{16}\b"]
)
## Use it directly
clean_text = sanitizer("Your text with sensitive data")
rate_limit.py)Token bucket rate limiting:
from shieldmcp import RateLimitConfig
## Configure rate limits
config = RateLimitConfig(
requests_per_minute=60,
burst_size=10
)
## Clone the repository
git clone https://github.com/shieldmcp/shieldmcp.git
cd shieldmcp
## Create virtual environment
python -m venv venv
source venv/bin/activate # or `venv\Scripts\activate` on Windows
## Install development dependencies
pip install -r requirements.txt
pytest tests/
Feel free to make any inquiries.
Mcp Pubmed Server
PubMed MCP Server for accessing research papers
Mcp Qdrant Memory
MCP server providing a knowledge graph implementation with semantic search capabilities powered by Qdrant vector database
Higress Ai Search Mcp Server
An MCP server enhances AI responses with real-time search results via Higress ai-search.
A specialized Model Context Protocol (MCP) server that enables you to search, read, delete and send emails from your Gmail account, leveraging an AI Agent to help with each operation. Optimized for Systemprompt MCP Voice client.
Obsidian Knowledge-Management MCP (Model Context Protocol) server that enables AI agents and development tools to interact with an Obsidian vault. It provides a comprehensive suite of tools for reading, writing, searching, and managing notes, tags, and frontmatter, acting as a bridge to the Obsidian Local REST API plugin.
