mcp-gatekeeper

Secure MCP server with JSON plugin configuration, multiple sandbox modes, glob-based policy control, and MCP Apps UI support

Installation
Run this command in your terminal to add the MCP server to Claude Code. The quoted values are descriptions of each variable; replace them with real values.
claude mcp add --transport stdio takeshy-mcp-gatekeeper docker run -i takeshy/mcp-gatekeeper \
  --env PORT="Port the HTTP/Bridge API will listen on (if applicable in container)." \
  --env MCP_LOG_LEVEL="Logging level (e.g., info, debug)."

How to use

MCP Gatekeeper is a security-focused gateway for MCP (Model Context Protocol) workflows. It provides policy-based argument validation, sandboxed execution, and multiple exposure modes so you can safely run and proxy shell commands or stdio-based MCP servers through HTTP with authentication and rate limiting. You can leverage its plugin-driven tool configuration to control exactly which commands are allowed, how arguments are validated, and what kind of isolation is used (none, bubblewrap, or WASM). The gateway supports stdio mode for direct MCP client integration, an HTTP mode that exposes commands as a JSON-RPC 2.0 API, and a bridge mode to proxy existing stdio MCP servers over HTTP. This makes it suitable for connecting AI assistants to your environment while maintaining strict access controls.

How to install

Prerequisites:

  • Docker (for the recommended deployment via container) or Go toolchain if you build from source.
  • Basic MCP knowledge and configuration files for the tools you want to expose.

Using Docker (recommended):

  1. Install Docker on your host.
  2. Pull and run the MCP Gatekeeper image:
       docker pull takeshy/mcp-gatekeeper
       docker run -d --name mcp-gatekeeper -p 8080:8080 takeshy/mcp-gatekeeper
  3. Configure environment variables as needed to enable authentication, logging, and port configuration (see Additional notes for details).

Alternative: Build from source (Go):

  1. Ensure Go 1.21+ is installed.
  2. Clone the repository and navigate to the project root.
  3. Build the binary, then run it with the desired flags to configure modes and plugins.

Configuration:

  • Prepare a JSON-based tool/plugin configuration that defines allowed commands, arguments, sandboxing settings, and UI type.
  • Provide environment variable filters and OAuth client credentials as needed for your deployment.

After installation:

  • Verify the service is reachable on the configured port.
  • Test a couple of tool invocations through the HTTP or bridge endpoints to confirm policy validation and sandboxing are functioning correctly.

Additional notes

Tips and common considerations:

  • Use the bridge mode to easily expose existing stdio MCP servers over HTTP with authentication and rate limiting.
  • Define instrumented tool configurations with glob-based argument patterns to enforce strict policy checks.
  • Enable sandboxing (bubblewrap or WASM) for sensitive tools to reduce risk from misused commands.
  • If using OAuth 2.0, configure the client credentials flow for secure machine-to-machine access as described in MCP SEP-1046.
  • Enable MCP Apps UI rendering for interactive tool outputs if you rely on rich HTML interfaces.
  • For large command outputs, ensure the bridge mode is configured to handle large responses by externalizing files when necessary.
  • Review environment variable filtering to ensure sensitive data is not exposed to tool invocations.
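
As an added example (not mcp-gatekeeper's code or configuration schema), the Go program below shows one way the glob-based argument checks mentioned above can be applied with the standard library's path.Match: deny patterns win, anything unmatched is rejected, and path-like arguments are cleaned before matching so that "/srv/data/.." cannot satisfy "/srv/data/*". The ArgPolicy type, samplePolicy and the /srv/data paths are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// ArgPolicy is a hypothetical policy shape for this example only; it is not
// mcp-gatekeeper's configuration schema.
type ArgPolicy struct {
	Deny  []string // globs checked first; any match rejects the argument
	Allow []string // globs; an argument matching none of them is rejected
}

// matchAny reports a match, or an error if a pattern is malformed.
func matchAny(patterns []string, s string) (bool, error) {
	for _, p := range patterns {
		if ok, err := path.Match(p, s); err != nil || ok {
			return ok, err
		}
	}
	return false, nil
}

// CheckArgs validates each argument and fails closed on a bad pattern.
// Path-like arguments are cleaned first: "/srv/data/.." is judged as "/srv".
func (p ArgPolicy) CheckArgs(args []string) error {
	for _, a := range args {
		n := a
		if strings.Contains(a, "/") {
			n = path.Clean(a)
		}
		denied, err1 := matchAny(p.Deny, n)
		allowed, err2 := matchAny(p.Allow, n)
		if err1 != nil || err2 != nil || denied || !allowed {
			return fmt.Errorf("argument %q rejected by policy", a)
		}
	}
	return nil
}

// Constructed sample policy: a listing tool confined to /srv/data.
var samplePolicy = ArgPolicy{Deny: []string{"/srv/data/*.key"}, Allow: []string{"-l", "/srv/data/*"}}

func main() {
	for _, args := range [][]string{{"-l", "/srv/data/report.txt"}, {"/srv/data/.."}, {"/srv/data/id.key"}} {
		fmt.Println(args, "->", samplePolicy.CheckArgs(args))
	}
}
```

Because path.Match never lets "*" cross a "/", the allow pattern covers only direct children of /srv/data; nested paths need their own pattern.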
