Trust-gated MCP middleware for FastMCP via Dominion Observatory
Project description
fastmcp-dominion
Trust-gated MCP middleware for FastMCP via Dominion Observatory.
Automatically verifies MCP server trust scores before allowing tool calls. Blocks untrusted servers, caches lookups, and provides configurable failure modes.
Installation
pip install fastmcp-dominion
Quick Start
from fastmcp import FastMCP
from fastmcp_dominion import TrustMiddleware
app = FastMCP("my-server")
app.add_middleware(TrustMiddleware(threshold=70))
That's it. All incoming tool calls are now verified against Observatory's behavioral trust scores from 14,800+ MCP servers.
Configuration
from fastmcp_dominion import TrustMiddleware, TrustConfig
config = TrustConfig(
threshold=70.0, # Minimum trust score (0-100)
cache_ttl=300, # Cache scores for 5 minutes
fail_mode="open", # "open" = allow on API error, "closed" = block
log_decisions=True, # Log trust check decisions
bypass_tools=["ping"], # Tools that skip verification
)
app = FastMCP("my-server")
app.add_middleware(TrustMiddleware(config=config))
Synchronous Usage
For scripts or non-async code:
from fastmcp_dominion.middleware import check_trust_sync
result = check_trust_sync("https://some-mcp-server.com/mcp")
print(f"Trust score: {result['trust_score']}")
print(f"Passed: {result['_passed']}")
How It Works
- Incoming MCP request arrives
- Middleware extracts the server URL from request headers/metadata
- Queries Observatory's trust API (cached for 5 min by default)
- If score >= threshold: request proceeds normally
- If score < threshold: returns JSON-RPC error with trust details
- If Observatory unreachable: behavior depends on
fail_mode
API
Observatory tracks 14,800+ MCP servers with behavioral trust scores based on real interaction data. Free tier: 50 queries/day.
- Trust API:
GET https://dominionobservatory.com/api/trust?url=<server_url> - Docs: https://dominionobservatory.com
- GitHub: https://github.com/sgdata-io/dominion-observatory
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fastmcp_dominion-0.1.0.tar.gz.
File metadata
- Download URL: fastmcp_dominion-0.1.0.tar.gz
- Upload date:
- Size: 5.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
55b99ac4a826ff4ea4ae65c1e12042900b360cfd104e2fd76ce75c52d1035da8
|
|
| MD5 |
4f658b41224bc27f519922c7ff48d907
|
|
| BLAKE2b-256 |
2bbaf50fa26b1b5d2cf07433b04c8d519fc03b63267b7b54961804457d980bdc
|
File details
Details for the file fastmcp_dominion-0.1.0-py3-none-any.whl.
File metadata
- Download URL: fastmcp_dominion-0.1.0-py3-none-any.whl
- Upload date:
- Size: 6.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7485460a7ed23e8f484564b30657944777c1fed5d0cea5f659d648cca26e21d7
|
|
| MD5 |
a2ce8f16e7f283ab07eed3916bc70bc9
|
|
| BLAKE2b-256 |
e7514edcaf96c5f912bde0c3cbf768cd0be2aa6157f8b52e5c55fb724ee2c215
|
