@mcp-bastion/core 1.0.5 → 1.0.7
- package/README.md +55 -0
- package/package.json +2 -1
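--- a/package/README.md
+++ b/package/README.md
@@ -0,0 +1,55 @@
+# @mcp-bastion/core
+
+Security middleware for MCP (Model Context Protocol) servers. Rate limiting in-process; prompt injection and PII via Python sidecar.
+
+Author: Viquar Khan
+
+## Install
+
+```bash
+npm install @mcp-bastion/core @modelcontextprotocol/sdk
+```
+
+## Quick Start
+
+```typescript
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { wrapWithMcpBastion } from "@mcp-bastion/core";
+
+const server = new Server({ name: "my-mcp-server", version: "1.0.0" });
+
+wrapWithMcpBastion(server, {
+enableRateLimit: true,
+maxIterations: 15,
+timeoutMs: 60_000,
+sidecarUrl: process.env.MCP_BASTION_SIDECAR || "",
+enablePromptGuard: !!process.env.MCP_BASTION_SIDECAR,
+enablePiiRedaction: !!process.env.MCP_BASTION_SIDECAR,
+});
+
+server.setRequestHandler("tools/call" as any, async (request) => {
+if (request.params?.name === "get_weather") {
+return { content: [{ type: "text", text: "Sunny, 22C" }], isError: false };
+}
+throw new Error("Unknown tool");
+});
+
+const transport = new StdioServerTransport();
+await server.connect(transport);
+```
+
+## Options
+
+| Option | Default | Description |
+|--------|---------|-------------|
+| enableRateLimit | true | Cap tool calls per session |
+| maxIterations | 15 | Max tool calls before block |
+| timeoutMs | 60000 | Session timeout |
+| sidecarUrl | "" | Python sidecar URL for ML features |
+| enablePromptGuard | false | Requires sidecarUrl |
+| enablePiiRedaction | false | Requires sidecarUrl |
+
+## Full Docs
+
+See [MCP-Bastion](https://github.com/vaquarkhan/MCP-Bastion) for Python package, examples, and full documentation.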
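--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,7 @@
 {
 "name": "@mcp-bastion/core",
-"version": "1.0.
+"version": "1.0.7",
+"mcpName": "io.github.vaquarkhan/mcp-bastion",
 "description": "Security middleware for MCP servers protecting LLM agents from prompt injection, resource exhaustion, and PII leakage",
 "type": "module",
 "main": "dist/index.js",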