A shield for logging, deep debug and sanitization for MCP servers at development stage
A security middleware for Model Context Protocol (MCP) servers that enhances security and monitoring capabilities without modifying the official SDK. This package provides tools for securing and monitoring MCP tool calls, following the best practices outlined in the MCP documentation. Abstract yourself while interact at MCP development.
from shieldmcp import secure_tool
from shieldmcp.sanitizers import ToolSanitizer
from shieldmcp.rate_limit import RateLimitConfig
## Define allowed tools
ALLOWED_TOOLS = {"search", "read_file", "write_file"}
## Create a text sanitizer
text_sanitizer = ToolSanitizer.createTextSanitizer(
max_length=1000,
sensitive_patterns=[
r"\b\d{16}\b", # Credit card numbers
r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+.[A-Z|a-z]{2,}\b" # Email addresses
]
)
## Configure rate limiting
rate_limit = RateLimitConfig(
requests_per_minute=60, # 1 request per second
burst_size=10 # Allow bursts of up to 10 requests
)
## Apply the decorator to your MCP tools
@secure_tool(
allowed_tools=ALLOWED_TOOLS,
sanitize_fn=text_sanitizer,
user_id="user123",
session_id="session456",
rate_limit=rate_limit
)
def search(query: str):
# Your tool implementation
return results
decorators.py)The main @secure_tool decorator that orchestrates all security features:
@secure_tool(
allowed_tools={"tool1", "tool2"}, # Set of allowed tool names
sanitize_fn=your_sanitizer, # Optional result sanitization function
user_id="user123", # Optional user identifier
session_id="session456", # Optional session identifier
rate_limit=RateLimitConfig( # Optional rate limit configuration
requests_per_minute=60,
burst_size=10
)
)
def your_tool():
pass
audit.py)Structured logging using structlog:
from shieldmcp import ToolAudit
audit = ToolAudit()
audit.logToolCallStart(
tool_name="search",
args={"query": "test"},
user_id="user123"
)
access.py)Tool access validation:
from shieldmcp import ToolAccess
access = ToolAccess(allowed_tools={"tool1", "tool2"})
access.validateToolAccess("tool1") # Raises ValueError if not allowed
sanitizers.py)Result sanitization utilities:
from shieldmcp import ToolSanitizer
## Create a custom sanitizer
sanitizer = ToolSanitizer.createTextSanitizer(
max_length=1000,
sensitive_patterns=[r"\b\d{16}\b"]
)
## Use it directly
clean_text = sanitizer("Your text with sensitive data")
rate_limit.py)Token bucket rate limiting:
from shieldmcp import RateLimitConfig
## Configure rate limits
config = RateLimitConfig(
requests_per_minute=60,
burst_size=10
)
## Clone the repository
git clone https://github.com/shieldmcp/shieldmcp.git
cd shieldmcp
## Create virtual environment
python -m venv venv
source venv/bin/activate # or `venv\Scripts\activate` on Windows
## Install development dependencies
pip install -r requirements.txt
pytest tests/
Feel free to make any inquiries.
Mcp Brianknows
Unofficial MCP to use BrianKnows API for DeFI knowledge
Osm Mcp
Model Context Protocol server for OpenStreetMap data
Mcp Crypto Price
A Model Context Protocol (MCP) server that provides real-time cryptocurrency analysis via CoinCap's API. Enables Claude and other MCP clients to fetch crypto prices, analyze market trends, and track historical data.
A Model Context Protocol (MCP) server for querying the CVE-Search API
Model Context Protocol server for FTP access
This Model Context Protocol (MCP) server enables LLMs like Claude to perform internet research using the Perplexity API. It provides real-time, up-to-date information with source citations.
A DuckDuckGo search plugin for Model Context Protocol (MCP), compatible with Claude Code. Provides web search functionality with advanced navigation and content exploration features.