MCP Secure Gateway
Runtime guardrails for MCP connections.
What it does
An open-source security gateway for Model Context Protocol (MCP) connections. Provides runtime guardrails, authentication, and policy enforcement for the protocol that connects LLMs to external tools and data sources.
Security relevance
MCP is becoming the standard for connecting LLMs to tools — but the protocol itself has minimal built-in security. MCP Secure Gateway adds the missing security layer: authenticating MCP connections, validating tool calls against policies, and monitoring for suspicious patterns. Addresses three OWASP Agentic Top 10 entries: ASI02 (Tool Misuse — MCP tool poisoning), ASI04 (Supply Chain — compromised MCP servers), and ASI07 (Inter-Agent Communication — MCP descriptor injection and protocol abuse). The ASI Exploits Tracker lists multiple real-world MCP attacks including the first in-the-wild malicious MCP server on npm.
When to use it
Deploy when using MCP-based agent architectures in production. Requires MCP protocol knowledge, deployment infrastructure, and security policy configuration. Essential for any production MCP deployment but requires expert-level understanding of the protocol.
OWASP coverage
Risks addressed — mapped to both OWASP Top 10 standards. 3 in LLM, 3 in Agentic.
The raw record
What Yuntona stores. Single source of truth — fork it on GitHub.
name: MCP Secure Gateway slug: mcp-secure-gateway type: Mixed category: AI Guardrails & Firewalls url: https://github.com/nicobailon/mcp-secure-gateway reviewed: 2026-04 added: 2026-04 updated: 2026-04 risks: llm: [LLM01, LLM07, LLM08] asi: [ASI02, ASI04, ASI07] complexity: Expert Required pricing: — audience: Builder lifecycle: [deploy] tags: [Agents, MCP, Open Source]