MCP-Bastion security middleware for FastMCP servers. Prompt injection, PII, and rate-limit protection.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for vaquarkhan from gravatar.com vaquarkhan

Unverified details

These details have not been verified by PyPI
Meta
  • License: Other/Proprietary License (See LICENSE and COMMERCIAL_LICENSE.md in the MCP-Bastion repository.)
  • Author: Viquar Khan
  • Tags bastion , fastmcp , llm , mcp , mcp-server , pii , prompt-injection , security
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

mcp-bastion-fastmcp

Security middleware for FastMCP servers powered by MCP-Bastion.

Protect any FastMCP server from prompt injection, PII leakage, and resource exhaustion with a single import.

Install

pip install mcp-bastion-fastmcp

Usage

from mcp.server.fastmcp import FastMCP
from mcp_bastion_fastmcp import secure_fastmcp

mcp = FastMCP("My Secure Server")

# Add MCP-Bastion security to your server
secure_fastmcp(mcp)

@mcp.tool()
def get_weather(city: str) -> str:
    return f"Weather in {city}: 22C, sunny"

if __name__ == "__main__":
    mcp.run(transport="streamable-http")

What it protects

  • Scans all tool arguments through the same MCPBastionMiddleware path as the core Python package (see defaults on the three toggles above)
  • For full bastion.yaml features (semantic firewall, OPA/Cedar, allowlists, session limits, etc.), use build_middleware_from_config() with the low-level MCP Server — FastMCP does not expose a native hook for the entire policy surface

Implementation note: secure_fastmcp patches FastMCP._tool_manager.call_tool so every tool invocation flows through Bastion. Call it right after FastMCP(...) and before run().

License

Same terms as the MCP-Bastion project: see LICENSE. Non-commercial use is free with required citation/attribution; copyright terms apply. Commercial use as defined in the License may need a separate agreement (COMMERCIAL_LICENSE.md).

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for vaquarkhan from gravatar.com vaquarkhan

Unverified details

These details have not been verified by PyPI
Meta
  • License: Other/Proprietary License (See LICENSE and COMMERCIAL_LICENSE.md in the MCP-Bastion repository.)
  • Author: Viquar Khan
  • Tags bastion , fastmcp , llm , mcp , mcp-server , pii , prompt-injection , security
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

This version

0.1.3

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

mcp_bastion_fastmcp-0.1.3.tar.gz (3.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

mcp_bastion_fastmcp-0.1.3-py3-none-any.whl (3.7 kB view details)

Uploaded Python 3

File details

Details for the file mcp_bastion_fastmcp-0.1.3.tar.gz.

File metadata

  • Download URL: mcp_bastion_fastmcp-0.1.3.tar.gz
  • Upload date:
  • Size: 3.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for mcp_bastion_fastmcp-0.1.3.tar.gz
Algorithm Hash digest
SHA256 a4dd01eed879c1c134287431ce6a41505bb70973d78a49b340ba677016a7afed
MD5 3d9c9f95976e600a1350fe6337b3f6d0
BLAKE2b-256 f72b976cf9cf4f61b00df3ca6e80b9a6ae08f421de090f76083ae61b021ab128

See more details on using hashes here.

Provenance

The following attestation bundles were made for mcp_bastion_fastmcp-0.1.3.tar.gz:

Publisher: publish-integrations.yml on vaquarkhan/MCP-Bastion

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file mcp_bastion_fastmcp-0.1.3-py3-none-any.whl.

File metadata

File hashes

Hashes for mcp_bastion_fastmcp-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 fe11067ad02a7ec2b3b5427c6431ab1e78bdc8c291aecc792eb59ebf399a408c
MD5 fbe773d1a10c0762bd30f5809215e8b0
BLAKE2b-256 f7226fcf76281783000f056e441e620c9175ed4791f806816929b1cc1dd585a6

See more details on using hashes here.

Provenance

The following attestation bundles were made for mcp_bastion_fastmcp-0.1.3-py3-none-any.whl:

Publisher: publish-integrations.yml on vaquarkhan/MCP-Bastion

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page