Skip to main content

LangProtect Vector Gateway for protected MCP access across local AI hosts

Project description

LangProtect Vector Gateway

๐Ÿ›ก๏ธ Security gateway for Model Context Protocol (MCP) - Protect your AI tool interactions from security threats.

PyPI version

๐Ÿ†• What's New in v1.3.0

Layer 2: Output Scanning ๐Ÿ”

  • Automatic secret masking in AI-generated responses
  • 30+ secret types detected: AWS, Google Cloud, Azure, Stripe, GitHub, JWTs, DB credentials, private keys
  • Non-blocking warnings - never interrupts workflow
  • Preserves structure - masks secrets while keeping code/content readable

Enhanced Security Controls ๐Ÿ”

  • Fail-closed mode - Block requests on scan failures (optional)
  • Configurable timeouts - Control scan performance
  • High-entropy detection - Catch unknown secret formats

Example

Before (v1.2.6):

AI: Here's your AWS deployment script:
export AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG..."

After (v1.3.0):

AI: Here's your AWS deployment script:
export AWS_ACCESS_KEY_ID="<REDACTED:AWS_ACCESS_KEY:1a5d44a2>"
export AWS_SECRET_ACCESS_KEY="<REDACTED:AWS_SECRET_KEY:73ec276f>"

โœ… Secrets masked | ๐Ÿ”’ Code structure preserved | ๐Ÿ“ Audit trail maintained


Features

โœ… Two-Layer Protection

  • Layer 1 (Input): Blocks dangerous requests before sending to MCP server
  • Layer 2 (Output): Masks secrets in AI responses

โœ… Automatic Threat Detection - Scans all MCP requests for security risks
โœ… Access Control - Whitelist/blacklist MCP servers and tools
โœ… Full Audit Trail - Logs all AI interactions for compliance
โœ… IDE Support - Works with VS Code, Cursor, and all MCP-compatible IDEs
โœ… Easy Setup - 30-second installation โœ… Fail-Open Design - Won't block your workflow if backend is unavailable

Quick Start

1. Installation

The gateway runs as a global CLI tool. We recommend using pipx to manage the installation.

# Recommended: Install via pipx
pipx install langprotect-vector

2. Automatic Setup (Recommended) ๐Ÿš€

Run the one-time setup command to sign in, configure supported local hosts, and start the shared local gateway:

langprotect-vector setup --backend-url http://localhost:8000 --email you@example.com

What happens:

  • ๐Ÿ” Prompts for credentials interactively (password hidden)
  • โœ… Validates credentials in real-time against your backend
  • ๐Ÿ”„ Retries on failure with helpful error messages
  • ๐Ÿ“ Stores a local Vector profile under ~/.config/langprotect-vector/
  • โš™๏ธ Configures supported local hosts such as VS Code / Copilot, Cursor, and JetBrains
  • ๐Ÿงฉ Writes MCP config/snippets so hosts point at the shared Vector gateway
  • ๐Ÿš€ Starts the shared local gateway and enables autostart where supported

Example:

$ langprotect-vector setup --backend-url http://localhost:8000 --email your.email@company.com

๐Ÿš€ Setting up LangProtect Vector Gateway...

โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•
         ๐Ÿ” Enter Your LangProtect Credentials
โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•

Backend URL [http://localhost:8000]: http://localhost:8000
Email: your.email@company.com
Password: โ—โ—โ—โ—โ—โ—โ—โ—โ—โ—

      Validating credentials...
      โœ“ Credentials validated successfully!

โš™๏ธ  Configuring hosts...
   โœ… Updated: ~/.config/Code/User/mcp.json
   โœ… Updated: ~/.cursor/mcp.json
   โœ… Generated: ~/.config/langprotect-vector/hosts/jetbrains.mcp.json

โœ… Setup complete!

Alternative: Pre-set credentials via environment variables

export LANGPROTECT_URL="http://localhost:8000"
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"
langprotect-vector setup --backend-url "$LANGPROTECT_URL" --email "$LANGPROTECT_EMAIL" --password "$LANGPROTECT_PASSWORD"

3. Reload VS Code

Press Ctrl+Shift+P โ†’ Developer: Reload Window

That's it! โœ… Vector will now protect all configured local hosts.

On each IDE reopen, MCP servers configured with auto-start are started automatically when your first chat request needs MCP tools.

Note: current VS Code MCP auto-start modes are limited to never, onlyNew, and newAndOutdated; it does not provide a built-in always-run-on-launch mode for all servers.


โš™๏ธ Configuration Options (v1.3.0+)

Configure security behavior with environment variables in your wrapper script:

# Security Controls
export LANGPROTECT_ENABLE_MASKING=true      # Enable output masking (default: true)
export LANGPROTECT_FAIL_CLOSED=false        # Block on scan errors (default: false = fail-open)
export LANGPROTECT_SCAN_TIMEOUT=5.0         # Scan timeout in seconds (default: 5.0)
export LANGPROTECT_ENTROPY_DETECTION=true   # Detect unknown secrets via entropy (default: true)
export LANGPROTECT_SOURCE="vscode-copilot"  # Optional global source override
export LANGPROTECT_INPUT_SOURCE="custom-input-source"     # Legacy per-scan override
export LANGPROTECT_OUTPUT_SOURCE="custom-output-source"   # Legacy per-scan override

# Backend Connection
export LANGPROTECT_URL="http://localhost:8000"
export LANGPROTECT_EMAIL="your.email@company.com"
export LANGPROTECT_PASSWORD="your-password"

Source labels are auto-detected by default (no env var required):

  • vscode-codex
  • vscode-copilot
  • vscode-cline
  • cursor-codex
  • cursor-copilot
  • cursor-cline
  • claude-desktop-claude

If the AI tool cannot be detected reliably, the source falls back to IDE-only:

  • vscode
  • cursor
  • claude-desktop

Security Modes

Fail-Open (Default) - Recommended for development:

export LANGPROTECT_FAIL_CLOSED=false
  • If scan times out or fails โ†’ Allow request (log warning)
  • Won't block your workflow
  • Best for development environments

Fail-Closed - Recommended for production:

export LANGPROTECT_FAIL_CLOSED=true
  • If scan times out or fails โ†’ Block request
  • Maximum security
  • Best for production/sensitive environments

Output Masking

Control how AI-generated secrets are handled:

# Enable masking (default)
export LANGPROTECT_ENABLE_MASKING=true

# Disable masking (see secrets in plain text - not recommended)
export LANGPROTECT_ENABLE_MASKING=false

Masked format: <REDACTED:SECRET_TYPE:hash>

  • Example: <REDACTED:AWS_ACCESS_KEY:1a5d44a2>
  • Hash allows deduplication across logs
  • Preserves code structure

Vector Gateway CLI Scaffold

The repo now also includes a separate Vector-oriented client CLI:

langprotect-vector setup --backend-url http://localhost:8000 --email you@example.com
langprotect-vector login
langprotect-vector host install --host vscode
langprotect-vector start
langprotect-vector mcp-stdio --host vscode

Recommended local-machine flow:

langprotect-vector setup --backend-url http://localhost:8000 --email you@example.com

What setup does:

  • logs in and stores the local Vector profile
  • installs working host MCP config for vscode, cursor, and jetbrains
  • installs OS-level autostart for the local gateway where supported
  • starts the shared local gateway immediately so hosts can connect without a separate per-host start

What the CLI does now:

  • stores a local Vector login profile
  • writes a local gateway .env file
  • writes working local host MCP config for:
    • VS Code / Copilot
    • Cursor
  • writes a JetBrains MCP JSON snippet for import into the JetBrains MCP settings UI
  • creates a per-host install manifest for local hosts such as vscode, copilot, cursor, jetbrains, cline, and continue
  • starts the local vector_gateway_service
  • exposes a stdio MCP adapter for local hosts that bridges:
    • tools/list
    • tools/call into the local Vector gateway runtime

Manual local host flow:

langprotect-vector login --backend-url http://localhost:8000 --email you@example.com
langprotect-vector host install --host vscode
langprotect-vector start

The installed host config launches:

python -m langprotect_mcp_gateway.vector_cli mcp-stdio --host vscode --profile ~/.config/langprotect-vector/profile.json --gateway-url http://127.0.0.1:8090

The stdio adapter talks to the shared local gateway HTTP service. Start the gateway once before using MCP tools from any configured host.


๐Ÿ—๏ธ Manual Host Setup

If you prefer not to use the one-shot setup command, you can sign in first and then configure each local host explicitly:

langprotect-vector login --backend-url http://localhost:8000 --email you@example.com
langprotect-vector host install --host vscode
langprotect-vector host install --host cursor
langprotect-vector host install --host jetbrains
langprotect-vector start

Host-specific notes:

  • VS Code / Copilot: writes ~/.config/Code/User/mcp.json
  • Cursor: writes ~/.cursor/mcp.json
  • JetBrains: writes ~/.config/langprotect-vector/hosts/jetbrains.mcp.json for import into the JetBrains MCP settings UI
  • All configured hosts point to the same shared local Vector gateway process, so you only start it once

How It Works

โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”     โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”     โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚   VS Code   โ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚ LangProtect Gatewayโ”‚โ”€โ”€โ”€โ”€โ–ถโ”‚  Filesystem MCP  โ”‚
โ”‚  (Copilot)  โ”‚     โ”‚   (Security Scan)  โ”‚     โ”‚    Server        โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜     โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜     โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
                              โ”‚
                              โ–ผ
                    โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
                    โ”‚ LangProtect Backendโ”‚
                    โ”‚  (Policy Check)    โ”‚
                    โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
  1. Intercepts all MCP tool calls from your AI assistant
  2. Sends each request to LangProtect backend for security scanning
  3. Blocks requests that violate your security policies
  4. Forwards allowed requests to the actual MCP server
  5. Logs everything for audit trail โ†“ LangProtect Gateway (this package) โ†“ [Security Scan] โ†“ MCP Servers (filesystem, github, etc.)

Every request is:
1. Intercepted by the gateway
2. Scanned for security threats
3. Logged to LangProtect backend
4. Forwarded to actual MCP server (if safe)
5. Response returned to AI

## Dashboard

Monitor all activity at your LangProtect dashboard:
- View all AI interactions
- See security threats blocked
- Track IDE usage
- Generate compliance reports

## Security

The gateway protects against:
- ๐Ÿšซ Sensitive file access (`.env`, SSH keys, etc.)
- ๐Ÿšซ Dangerous commands (`rm -rf`, data exfiltration)
- ๐Ÿšซ SQL injection patterns
- ๐Ÿšซ Hardcoded credentials in suggestions
- ๐Ÿšซ Prompt injection attacks

## Troubleshooting

**"externally-managed-environment" error on Linux:**
- Modern Linux systems protect system Python. Use `pipx` instead:
  ```bash
  sudo apt install pipx -y
  pipx install langprotect-vector

Authentication failed:

  • Check LANGPROTECT_URL, LANGPROTECT_EMAIL, LANGPROTECT_PASSWORD are correct
  • Ensure LangProtect backend is accessible

Gateway not starting:

  • Check Python version: python3 --version (need 3.8+)
  • Check package installed: pipx list | grep langprotect
  • Verify path: which langprotect-vector

Tools not working:

  • Check MCP servers are configured under "servers" section
  • Restart IDE completely

Command not found after install:

  • Run pipx ensurepath and restart your terminal
  • Or add ~/.local/bin to your PATH manually

For Team Leads

Quick Team Rollout:

  1. Share credentials with each team member:

    Email: user@company.com
    Password: secure-password
    Server: http://langprotect.company.com:8000
    
  2. Team members install:

    # Linux/macOS
    sudo apt install pipx -y  # or: brew install pipx
    pipx install langprotect-vector
    langprotect-vector setup --backend-url http://langprotect.company.com:8000 --email user@company.com
    
  3. Monitor dashboard: See all team activity in real-time

Updates

# Upgrade with pipx
pipx upgrade langprotect-vector

# Or reinstall specific version
pipx install langprotect-vector==1.4.0 --force

Support

License

MIT License - see LICENSE file for details

Links

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

langprotect_vector-1.4.0.tar.gz (68.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

langprotect_vector-1.4.0-py3-none-any.whl (66.3 kB view details)

Uploaded Python 3

File details

Details for the file langprotect_vector-1.4.0.tar.gz.

File metadata

  • Download URL: langprotect_vector-1.4.0.tar.gz
  • Upload date:
  • Size: 68.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for langprotect_vector-1.4.0.tar.gz
Algorithm Hash digest
SHA256 9904a304e803a5e67e7421b0a0bafcfbed415c8bd75118f6d178872e40b654dc
MD5 6ffd0de1bd0ff2d41c340fe37c8dee87
BLAKE2b-256 5d08a30686a931668088a9f690f9e7ba9304cf4c8ecd620a23e1f33e6d586af8

See more details on using hashes here.

File details

Details for the file langprotect_vector-1.4.0-py3-none-any.whl.

File metadata

File hashes

Hashes for langprotect_vector-1.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0cee29d191136ec3eeedfd5ef89db494afa9627af9ad8470524f2a9e3c125be3
MD5 d4081c43518498da629d183c539000bd
BLAKE2b-256 55b7118f2b8381351ae4e44533b04314a9eefbc7a54cd04a4511c16fc904a065

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page