Security gateway for Model Context Protocol (MCP) to protect AI tool interactions
Project description
LangProtect MCP Gateway
๐ก๏ธ Security gateway for Model Context Protocol (MCP) - Protect your AI tool interactions from security threats.
๐ What's New in v1.3.0
Layer 2: Output Scanning ๐
- Automatic secret masking in AI-generated responses
- 30+ secret types detected: AWS, Google Cloud, Azure, Stripe, GitHub, JWTs, DB credentials, private keys
- Non-blocking warnings - never interrupts workflow
- Preserves structure - masks secrets while keeping code/content readable
Enhanced Security Controls ๐
- Fail-closed mode - Block requests on scan failures (optional)
- Configurable timeouts - Control scan performance
- High-entropy detection - Catch unknown secret formats
Example
Before (v1.2.6):
AI: Here's your AWS deployment script:
export AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG..."
After (v1.3.0):
AI: Here's your AWS deployment script:
export AWS_ACCESS_KEY_ID="<REDACTED:AWS_ACCESS_KEY:1a5d44a2>"
export AWS_SECRET_ACCESS_KEY="<REDACTED:AWS_SECRET_KEY:73ec276f>"
โ Secrets masked | ๐ Code structure preserved | ๐ Audit trail maintained
Features
โ Two-Layer Protection
- Layer 1 (Input): Blocks dangerous requests before sending to MCP server
- Layer 2 (Output): Masks secrets in AI responses
โ
Automatic Threat Detection - Scans all MCP requests for security risks
โ
Access Control - Whitelist/blacklist MCP servers and tools
โ
Full Audit Trail - Logs all AI interactions for compliance
โ
IDE Support - Works with VS Code, Cursor, and all MCP-compatible IDEs
โ
Easy Setup - 30-second installation
โ
Fail-Open Design - Won't block your workflow if backend is unavailable
Quick Start
1. Installation
The gateway runs as a global CLI tool. We recommend using pipx to manage the installation.
# Recommended: Install via pipx
pipx install langprotect-mcp-gateway
2. Automatic Setup (Recommended) ๐
Run our automated setup command to configure VS Code, Cursor, or Claude Desktop for all workspaces:
langprotect-gateway-setup
What happens:
- ๐ Prompts for credentials interactively (password hidden)
- โ Validates credentials in real-time against your backend
- ๐ Retries on failure with helpful error messages
- ๐ Creates wrapper script at
~/.local/bin/langprotect-mcp-wrapper.sh - โ๏ธ Configures VS Code for global visibility in ALL workspaces
- ๐ Auto-start enabled for seamless protection
Example:
$ langprotect-gateway-setup
๐ Setting up LangProtect MCP Gateway...
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ Enter Your LangProtect Credentials
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Backend URL [http://localhost:8000]: http://localhost:8000
Email: your.email@company.com
Password: โโโโโโโโโโ
Validating credentials...
โ Credentials validated successfully!
๐ Creating global wrapper script...
โ
Created: ~/.local/bin/langprotect-mcp-wrapper.sh
โ๏ธ Configuring VS Code...
โ
Updated: ~/.config/Code/User/settings.json
โ
Setup complete!
Alternative: Pre-set credentials via environment variables
export LANGPROTECT_URL="http://localhost:8000"
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"
langprotect-gateway-setup
3. Reload VS Code
Press Ctrl+Shift+P โ Developer: Reload Window
That's it! โ LangProtect will now protect all your workspaces.
โ๏ธ Configuration Options (v1.3.0+)
Configure security behavior with environment variables in your wrapper script:
# Security Controls
export LANGPROTECT_ENABLE_MASKING=true # Enable output masking (default: true)
export LANGPROTECT_FAIL_CLOSED=false # Block on scan errors (default: false = fail-open)
export LANGPROTECT_SCAN_TIMEOUT=5.0 # Scan timeout in seconds (default: 5.0)
export LANGPROTECT_ENTROPY_DETECTION=true # Detect unknown secrets via entropy (default: true)
# Backend Connection
export LANGPROTECT_URL="http://localhost:8000"
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"
Security Modes
Fail-Open (Default) - Recommended for development:
export LANGPROTECT_FAIL_CLOSED=false
- If scan times out or fails โ Allow request (log warning)
- Won't block your workflow
- Best for development environments
Fail-Closed - Recommended for production:
export LANGPROTECT_FAIL_CLOSED=true
- If scan times out or fails โ Block request
- Maximum security
- Best for production/sensitive environments
Output Masking
Control how AI-generated secrets are handled:
# Enable masking (default)
export LANGPROTECT_ENABLE_MASKING=true
# Disable masking (see secrets in plain text - not recommended)
export LANGPROTECT_ENABLE_MASKING=false
Masked format: <REDACTED:SECRET_TYPE:hash>
- Example:
<REDACTED:AWS_ACCESS_KEY:1a5d44a2> - Hash allows deduplication across logs
- Preserves code structure
๐๏ธ Manual Setup (Per-Workspace)
If you prefer to enable LangProtect only for a specific project, you can use a local .vscode/mcp.json file.
- Create a wrapper script (e.g.,
langprotect-wrapper.sh):
#!/bin/bash
export LANGPROTECT_URL="http://localhost:8000" # Your LangProtect backend
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"
export MCP_SERVER_COMMAND="npx"
export MCP_SERVER_ARGS="-y,@modelcontextprotocol/server-filesystem,/path/to/allowed/dir"
exec langprotect-gateway "$@"
-
Make it executable:
chmod +x langprotect-wrapper.sh -
Create
.vscode/mcp.json:
{
"servers": {
"langprotect-filesystem": {
"type": "stdio",
"command": "/path/to/langprotect-wrapper.sh",
"args": []
}
}
}
-
Reload VS Code:
Ctrl+Shift+Pโ "Developer: Reload Window" -
Start the server:
Ctrl+Shift+Pโ "MCP: List Servers" โ Click "Start"
Cursor Setup
{
"mcpServers": {
"langprotect-gateway": {
"command": "langprotect-gateway",
"args": ["--mcp-json-path", "~/.cursor/mcp.json"],
"env": {
"LANGPROTECT_URL": "http://localhost:8000",
"LANGPROTECT_EMAIL": "your.email@company.com",
"LANGPROTECT_PASSWORD": "your-password"
},
"servers": {
"filesystem": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "."]
}
}
}
}
}
Claude Desktop Setup
Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):
{
"mcpServers": {
"langprotect-gateway": {
"command": "langprotect-gateway",
"args": ["--mcp-json-path", "~/Library/Application Support/Claude/claude_desktop_config.json"],
"env": {
"LANGPROTECT_URL": "http://localhost:8000",
"LANGPROTECT_EMAIL": "your.email@company.com",
"LANGPROTECT_PASSWORD": "your-password"
},
"servers": {
"filesystem": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "."]
}
}
}
}
}
How It Works
โโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโ
โ VS Code โโโโโโถโ LangProtect Gatewayโโโโโโถโ Filesystem MCP โ
โ (Copilot) โ โ (Security Scan) โ โ Server โ
โโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโ
โ
โผ
โโโโโโโโโโโโโโโโโโโโโโ
โ LangProtect Backendโ
โ (Policy Check) โ
โโโโโโโโโโโโโโโโโโโโโโ
- Intercepts all MCP tool calls from your AI assistant
- Sends each request to LangProtect backend for security scanning
- Blocks requests that violate your security policies
- Forwards allowed requests to the actual MCP server
- Logs everything for audit trail โ LangProtect Gateway (this package) โ [Security Scan] โ MCP Servers (filesystem, github, etc.)
Every request is:
1. Intercepted by the gateway
2. Scanned for security threats
3. Logged to LangProtect backend
4. Forwarded to actual MCP server (if safe)
5. Response returned to AI
## Dashboard
Monitor all activity at your LangProtect dashboard:
- View all AI interactions
- See security threats blocked
- Track IDE usage
- Generate compliance reports
## Security
The gateway protects against:
- ๐ซ Sensitive file access (`.env`, SSH keys, etc.)
- ๐ซ Dangerous commands (`rm -rf`, data exfiltration)
- ๐ซ SQL injection patterns
- ๐ซ Hardcoded credentials in suggestions
- ๐ซ Prompt injection attacks
## Troubleshooting
**"externally-managed-environment" error on Linux:**
- Modern Linux systems protect system Python. Use `pipx` instead:
```bash
sudo apt install pipx -y
pipx install langprotect-mcp-gateway
Authentication failed:
- Check
LANGPROTECT_URL,LANGPROTECT_EMAIL,LANGPROTECT_PASSWORDare correct - Ensure LangProtect backend is accessible
Gateway not starting:
- Check Python version:
python3 --version(need 3.8+) - Check package installed:
pipx list | grep langprotect - Verify path:
which langprotect-gateway
Tools not working:
- Check MCP servers are configured under
"servers"section - Restart IDE completely
Command not found after install:
- Run
pipx ensurepathand restart your terminal - Or add
~/.local/binto your PATH manually
For Team Leads
Quick Team Rollout:
-
Share credentials with each team member:
Email: user@company.com Password: secure-password Server: http://langprotect.company.com:8000 -
Team members install:
# Linux/macOS sudo apt install pipx -y # or: brew install pipx pipx install langprotect-mcp-gateway # Configure mcp.json with credentials # Restart IDE
-
Monitor dashboard: See all team activity in real-time
Updates
# Upgrade with pipx
pipx upgrade langprotect-mcp-gateway
# Or reinstall specific version
pipx install langprotect-mcp-gateway==1.1.0 --force
Support
- Documentation: https://www.langprotect.com/docs
- Issues: https://github.com/langprotect/mcp-gateway/issues
- Security: security@langprotect.com
License
MIT License - see LICENSE file for details
Links
- Homepage: https://www.langprotect.com/
- GitHub: https://github.com/langprotect/mcp-gateway
- Documentation: https://www.langprotect.com/docs
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file langprotect_mcp_gateway-1.3.5.tar.gz.
File metadata
- Download URL: langprotect_mcp_gateway-1.3.5.tar.gz
- Upload date:
- Size: 27.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
86378eae0c2e6796422ffaf9e9af2c93c35fc7e4cb28271c6d416c4095d15482
|
|
| MD5 |
c865b92af476d1419688e9ed5bb70a66
|
|
| BLAKE2b-256 |
ea61233738f5d25fa9ab442de5081fa11243d1447b127d69a9d55b7b4f74633d
|
File details
Details for the file langprotect_mcp_gateway-1.3.5-py3-none-any.whl.
File metadata
- Download URL: langprotect_mcp_gateway-1.3.5-py3-none-any.whl
- Upload date:
- Size: 23.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f1e4bed8feb06b05433b08510c410154230b9b4af2265f29b9dd274309710163
|
|
| MD5 |
bcc49bd99413f7b8553128d5654b1f53
|
|
| BLAKE2b-256 |
d1635495e1cbafc2ac693da1b98ccc52950f2e0cc241ea23f6123a096ed883af
|