Skip to main content

Security gateway for Model Context Protocol (MCP) to protect AI tool interactions

Project description

LangProtect MCP Gateway

๐Ÿ›ก๏ธ Security gateway for Model Context Protocol (MCP) - Protect your AI tool interactions from security threats.

PyPI version

๐Ÿ†• What's New in v1.3.0

Layer 2: Output Scanning ๐Ÿ”

  • Automatic secret masking in AI-generated responses
  • 30+ secret types detected: AWS, Google Cloud, Azure, Stripe, GitHub, JWTs, DB credentials, private keys
  • Non-blocking warnings - never interrupts workflow
  • Preserves structure - masks secrets while keeping code/content readable

Enhanced Security Controls ๐Ÿ”

  • Fail-closed mode - Block requests on scan failures (optional)
  • Configurable timeouts - Control scan performance
  • High-entropy detection - Catch unknown secret formats

Example

Before (v1.2.6):

AI: Here's your AWS deployment script:
export AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG..."

After (v1.3.0):

AI: Here's your AWS deployment script:
export AWS_ACCESS_KEY_ID="<REDACTED:AWS_ACCESS_KEY:1a5d44a2>"
export AWS_SECRET_ACCESS_KEY="<REDACTED:AWS_SECRET_KEY:73ec276f>"

โœ… Secrets masked | ๐Ÿ”’ Code structure preserved | ๐Ÿ“ Audit trail maintained


Features

โœ… Two-Layer Protection

  • Layer 1 (Input): Blocks dangerous requests before sending to MCP server
  • Layer 2 (Output): Masks secrets in AI responses

โœ… Automatic Threat Detection - Scans all MCP requests for security risks
โœ… Access Control - Whitelist/blacklist MCP servers and tools
โœ… Full Audit Trail - Logs all AI interactions for compliance
โœ… IDE Support - Works with VS Code, Cursor, and all MCP-compatible IDEs
โœ… Easy Setup - 30-second installation โœ… Fail-Open Design - Won't block your workflow if backend is unavailable

Quick Start

1. Installation

The gateway runs as a global CLI tool. We recommend using pipx to manage the installation.

# Recommended: Install via pipx
pipx install langprotect-mcp-gateway

2. Automatic Setup (Recommended) ๐Ÿš€

Run our automated setup command to configure VS Code, Cursor, or Claude Desktop for all workspaces:

langprotect-gateway-setup

This will:

  • โœ… Create a global wrapper script at ~/.local/bin/langprotect-mcp-wrapper.sh
  • โœ… Configure VS Code for global visibility in ALL workspaces
  • โœ… Enable auto-start for seamless protection

3. Configure Your Credentials

Edit the generated wrapper script to add your LangProtect email and password:

# Linux/macOS
nano ~/.local/bin/langprotect-mcp-wrapper.sh

# Update these lines:
export LANGPROTECT_URL="https://your-backend.com"  # e.g. http://localhost:8000
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"

Reload VS Code and you're done! LangProtect will now protect all your workspaces.


โš™๏ธ Configuration Options (v1.3.0+)

Configure security behavior with environment variables in your wrapper script:

# Security Controls
export LANGPROTECT_ENABLE_MASKING=true      # Enable output masking (default: true)
export LANGPROTECT_FAIL_CLOSED=false        # Block on scan errors (default: false = fail-open)
export LANGPROTECT_SCAN_TIMEOUT=5.0         # Scan timeout in seconds (default: 5.0)
export LANGPROTECT_ENTROPY_DETECTION=true   # Detect unknown secrets via entropy (default: true)

# Backend Connection
export LANGPROTECT_URL="http://localhost:8000"
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"

Security Modes

Fail-Open (Default) - Recommended for development:

export LANGPROTECT_FAIL_CLOSED=false
  • If scan times out or fails โ†’ Allow request (log warning)
  • Won't block your workflow
  • Best for development environments

Fail-Closed - Recommended for production:

export LANGPROTECT_FAIL_CLOSED=true
  • If scan times out or fails โ†’ Block request
  • Maximum security
  • Best for production/sensitive environments

Output Masking

Control how AI-generated secrets are handled:

# Enable masking (default)
export LANGPROTECT_ENABLE_MASKING=true

# Disable masking (see secrets in plain text - not recommended)
export LANGPROTECT_ENABLE_MASKING=false

Masked format: <REDACTED:SECRET_TYPE:hash>

  • Example: <REDACTED:AWS_ACCESS_KEY:1a5d44a2>
  • Hash allows deduplication across logs
  • Preserves code structure

๐Ÿ—๏ธ Manual Setup (Per-Workspace)

If you prefer to enable LangProtect only for a specific project, you can use a local .vscode/mcp.json file.

  1. Create a wrapper script (e.g., langprotect-wrapper.sh):
#!/bin/bash
export LANGPROTECT_URL="http://localhost:8000"  # Your LangProtect backend
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"
export MCP_SERVER_COMMAND="npx"
export MCP_SERVER_ARGS="-y,@modelcontextprotocol/server-filesystem,/path/to/allowed/dir"

exec langprotect-gateway "$@"
  1. Make it executable: chmod +x langprotect-wrapper.sh

  2. Create .vscode/mcp.json:

{
  "servers": {
    "langprotect-filesystem": {
      "type": "stdio",
      "command": "/path/to/langprotect-wrapper.sh",
      "args": []
    }
  }
}
  1. Reload VS Code: Ctrl+Shift+P โ†’ "Developer: Reload Window"

  2. Start the server: Ctrl+Shift+P โ†’ "MCP: List Servers" โ†’ Click "Start"

Cursor Setup

{
  "mcpServers": {
    "langprotect-gateway": {
      "command": "langprotect-gateway",
      "args": ["--mcp-json-path", "~/.cursor/mcp.json"],
      "env": {
        "LANGPROTECT_URL": "http://localhost:8000",
        "LANGPROTECT_EMAIL": "your.email@company.com",
        "LANGPROTECT_PASSWORD": "your-password"
      },
      "servers": {
        "filesystem": {
          "command": "npx",
          "args": ["-y", "@modelcontextprotocol/server-filesystem", "."]
        }
      }
    }
  }
}

Claude Desktop Setup

Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):

{
  "mcpServers": {
    "langprotect-gateway": {
      "command": "langprotect-gateway",
      "args": ["--mcp-json-path", "~/Library/Application Support/Claude/claude_desktop_config.json"],
      "env": {
        "LANGPROTECT_URL": "http://localhost:8000",
        "LANGPROTECT_EMAIL": "your.email@company.com",
        "LANGPROTECT_PASSWORD": "your-password"
      },
      "servers": {
        "filesystem": {
          "command": "npx",
          "args": ["-y", "@modelcontextprotocol/server-filesystem", "."]
        }
      }
    }
  }
}

How It Works

โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”     โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”     โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚   VS Code   โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ LangProtect Gatewayโ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚  Filesystem MCP  โ”‚
โ”‚  (Copilot)  โ”‚     โ”‚   (Security Scan)  โ”‚     โ”‚    Server        โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜     โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜     โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
                              โ”‚
                              โ–ผ
                    โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
                    โ”‚ LangProtect Backendโ”‚
                    โ”‚  (Policy Check)    โ”‚
                    โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
  1. Intercepts all MCP tool calls from your AI assistant
  2. Sends each request to LangProtect backend for security scanning
  3. Blocks requests that violate your security policies
  4. Forwards allowed requests to the actual MCP server
  5. Logs everything for audit trail โ†“ LangProtect Gateway (this package) โ†“ [Security Scan] โ†“ MCP Servers (filesystem, github, etc.)

Every request is:
1. Intercepted by the gateway
2. Scanned for security threats
3. Logged to LangProtect backend
4. Forwarded to actual MCP server (if safe)
5. Response returned to AI

## Dashboard

Monitor all activity at your LangProtect dashboard:
- View all AI interactions
- See security threats blocked
- Track IDE usage
- Generate compliance reports

## Security

The gateway protects against:
- ๐Ÿšซ Sensitive file access (`.env`, SSH keys, etc.)
- ๐Ÿšซ Dangerous commands (`rm -rf`, data exfiltration)
- ๐Ÿšซ SQL injection patterns
- ๐Ÿšซ Hardcoded credentials in suggestions
- ๐Ÿšซ Prompt injection attacks

## Troubleshooting

**"externally-managed-environment" error on Linux:**
- Modern Linux systems protect system Python. Use `pipx` instead:
  ```bash
  sudo apt install pipx -y
  pipx install langprotect-mcp-gateway

Authentication failed:

  • Check LANGPROTECT_URL, LANGPROTECT_EMAIL, LANGPROTECT_PASSWORD are correct
  • Ensure LangProtect backend is accessible

Gateway not starting:

  • Check Python version: python3 --version (need 3.8+)
  • Check package installed: pipx list | grep langprotect
  • Verify path: which langprotect-gateway

Tools not working:

  • Check MCP servers are configured under "servers" section
  • Restart IDE completely

Command not found after install:

  • Run pipx ensurepath and restart your terminal
  • Or add ~/.local/bin to your PATH manually

For Team Leads

Quick Team Rollout:

  1. Share credentials with each team member:

    Email: user@company.com
    Password: secure-password
    Server: http://langprotect.company.com:8000
    
  2. Team members install:

    # Linux/macOS
    sudo apt install pipx -y  # or: brew install pipx
    pipx install langprotect-mcp-gateway
    
    # Configure mcp.json with credentials
    # Restart IDE
    
  3. Monitor dashboard: See all team activity in real-time

Updates

# Upgrade with pipx
pipx upgrade langprotect-mcp-gateway

# Or reinstall specific version
pipx install langprotect-mcp-gateway==1.1.0 --force

Support

License

MIT License - see LICENSE file for details

Links

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

langprotect_mcp_gateway-1.3.1.tar.gz (26.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

langprotect_mcp_gateway-1.3.1-py3-none-any.whl (21.9 kB view details)

Uploaded Python 3

File details

Details for the file langprotect_mcp_gateway-1.3.1.tar.gz.

File metadata

  • Download URL: langprotect_mcp_gateway-1.3.1.tar.gz
  • Upload date:
  • Size: 26.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for langprotect_mcp_gateway-1.3.1.tar.gz
Algorithm Hash digest
SHA256 b5d355e2f0d5061662a4771402d7dcee695771ebd21f597afa8db84ed8b559a1
MD5 4cf3df39c1597be32e4f78f853edab1f
BLAKE2b-256 07785985ff6a8e6fc2055282a5b376634fa42fdd01bba0bf50df7a8ae1e6c9f4

See more details on using hashes here.

File details

Details for the file langprotect_mcp_gateway-1.3.1-py3-none-any.whl.

File metadata

File hashes

Hashes for langprotect_mcp_gateway-1.3.1-py3-none-any.whl
Algorithm Hash digest
SHA256 9ec95152c6599c84c58d6a93db17adb1311f07b11df8256fb2bb7b4492bed1c2
MD5 1e7be73a13cdb501e55f9ce7669cf46b
BLAKE2b-256 b9d4e26ee54220458d3d23719e1af146a486feef6d5fb9a85731537571bfa0ae

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page