securemcp-lite

<p align="center"> </p>

<h1 align="center">SecureMCP-Lite</h1>

<p align="center"> Lightweight local MCP firewall for AI agents. <br /> Policy-driven, stdio-first, easy to adopt, built for real developer workflows. </p>

<p align="center"> <strong>Protect MCP tool calls before they reach the target server.</strong> </p>

SecureMCP-Lite is a lightweight local proxy firewall for MCP servers. It sits between an MCP client and a target MCP server, inspects stdio JSON-RPC traffic in real time, and enforces a local YAML policy before risky tool calls reach the upstream server.

It is designed for developers and teams who want to keep using MCP-enabled AI tools without giving those tools unrestricted access to local files, shell commands, or other powerful operations.

Many MCP workflows are useful precisely because they expose powerful tools. That also makes them risky.

SecureMCP-Lite helps reduce risk from:

• prompt injection that triggers dangerous tools
• over-permissioned filesystem or shell servers
• accidental destructive actions
• path traversal attempts
• runaway loops that spam tools
• AI agent configurations that are too open by default

• stdio-first MCP proxy
• YAML policy enforcement with secure-mcp.yml
• tool allowlist
• regex-based argument restrictions
• local JSON-RPC block responses
• readable stderr logging for ALLOWED and BLOCKED
• in-memory request throttling
• npx-friendly CLI
• example policies and integration configs
• executable demos bundled in the repo
• a full docs website under `apps/frontend`

• solo developers using Claude Code, Codex, Cursor, or Copilot with MCP
• OSS maintainers who want safer repo exploration and demo defaults
• platform and security engineers reviewing AI tool boundaries
• teams that want one shared MCP policy checked