Secure AI Tool Ecosystems with MCPIDS
MCPIDS is an inline security layer for Model Context Protocol deployments. It inspects every request and response, detects prompt injection and secret leakage, and applies policy decisions before risky tool behavior reaches production agents.
Timeout Default
100ms
Default fail-closed pipeline timeout
Scenario Fixtures
8
Bundled scenario fixtures
Core Components
5
Gateway, control plane, agent, semantic service, sensor
The Unchecked Autonomy Problem
"As AI agents move from chat interfaces to autonomous tool execution, the attack surface expands rapidly. Without inline inspection, trusted MCP connections become a path for jailbroken logic, credential exposure, and cross-system exfiltration."
Indirect Prompt Injection
Malicious instructions hidden in external content can pressure agents into unauthorized tool calls and unsafe reasoning paths.
Secret Leakage
Tool responses and prompt context can accidentally expose API keys, tokens, tenant data, or system secrets to downstream models.
Precision Guardrails
Deep inspection for every request and response moving through your MCP ecosystem, with policy-backed decisions that remain explainable.
Traffic Inspection
Inspects MCP JSON-RPC messages flowing between agents and servers.
Injection Detection
Rules and semantic analysis detect adversarial prompts and jailbreak-style instructions.
Secret Prevention
PII and credential signatures are scanned before content reaches agents or LLM providers.
Policy Enforcement
Fine-grained policy rules restrict tool use by action, path, context, risk, or tenant.
Risk Scoring
Every transaction gets a weighted risk score across rules, semantic, diff, and graph signals.
Audit Trails
Append-only audit records for compliance reviews, incident response, and forensics.
Schema Detection
Silent tool definition changes are flagged before widened capabilities escape review.
Approval Flows
High-risk actions can be held for human approval before writes, exfiltration, or destructive changes.
Real-Time Inspection and Policy Enforcement
Inline proxying by routing clients through the gateway or wrapping stdio agents.
Intercept
MCPIDS receives the JSON-RPC call as lightweight middleware and proxies the transport stream.
Analyze
Rules, semantic classifiers, and secret scans inspect intent, content, and known threat patterns.
Evaluate
Signals are aggregated into risk scores and matched against policy decisions for each tenant and tool.
Route
Safe traffic is forwarded. Unsafe traffic is blocked, redacted, quarantined, or held for approval.
Designed for Every Agent Journey
Secure AI Coding Agents
Detect destructive shell-style tool requests and suspicious multi-step exfiltration patterns in agent sessions.
Enterprise Agent Workflows
Enforce data boundaries even when agents orchestrate tools across departments and systems.
Ecosystem Monitoring
Observe tool execution patterns to detect lateral movement, schema drift, and shadow IT behavior.
Guardrails for Autonomy
Set hard limits on risky tools, outbound destinations, and sensitive paths before autonomous loops spiral.
Threat Fixtures
8 bundled scenarios
Covered by repository tests and fixtures
Decision Precedence
quarantine > deny > require_approval > redact > hide > monitor_only > allow
Most restrictive decision wins when multiple interceptors contribute signals
Representative Outcomes
Developer Quick Start
Local development uses Go, Docker, and Make. For the fastest demo, run the bundled script. For a fuller setup, follow the same `make`-based flow documented in the README and local development guide.
EXTENSIBLE
Tenant-Scoped Policy Rules
NATIVE
Go Gateway and Control Plane
SECURE
Gateway TLS, optional control-plane mTLS
FAST
100ms default fail-closed timeout