airlock-mcp

adi2kool/airlock-mcp
★ 0 stars Python Security Updated 6d ago
The instruction/data trust boundary for MCP: a scanner, an enforcing proxy with action-gating, Ed25519 content signing, a tamper-evident audit ledger, and a prevalence study over ~1,000 real MCP servers. Runs at $0.
View on GitHub → 🔍 Audit Wallet Slippage →

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "airlock-mcp": {
      "command": "uvx",
      "args": [
        "airlock-mcp"
      ]
    }
  }
}

Or install with pip: pip install airlock-mcp

README Excerpt

The instruction and data boundary for MCP. Agents cannot reliably tell trusted instructions from untrusted data, because a model reads system instructions, user input, and retrieved content as one token stream with no enforced boundary between them. Anything that reaches the context can act like a command. Airlock makes that boundary explicit and enforceable at