mcp-armor

studiomeyer-io/mcp-armor
★ 0 stars Rust 🤖 AI/LLM Updated 1d ago
Drop-in Rust sidecar for MCP servers — scans tool calls for prompt injection, validates Ed25519 manifest signatures, blocks marketplace-poisoning vectors. <5ms p99 overhead. Defense against OX Security MCP advisory (10+ CVEs, April 2026).

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "mcp-armor": {
      "command": "cargo",
      "args": [
        "run",
        "--",
        "mcp-armor"
      ]
    }
  }
}

README Excerpt

Drop-in Rust sidecar that wraps any MCP server. Scans tool calls for prompt injection, validates Ed25519 manifest signatures (with **TOFU keystore + Sigstore Rekor bridge** since v0.2), exports **OTLP gRPC telemetry** (on `opentelemetry 0.30` since v0.4 — closes the shutdown-hang class), blocks marketplace-poisoning vectors, **strips loader-class env keys from spawned children** (`LD_PRELOAD`, `NODE_OPTIONS`, … — new in v0.3), folds **Unicode confusables to detect homoglyph evasion** (Cyrillic `

Tools (11)

DYLD_LIBRARY_PATH
armor_check_cve
armor_get_drift_history
armor_get_keystore
armor_get_policy
armor_list_blocked
armor_rekor_lookup
armor_scan_payload
armor_simulate_attack
armor_verify_bundle
armor_verify_manifest

Topics

anthropic, built-in-mallorca, claude, ed25519, mcp, mcp-security, mcp-server, model-context-protocol, prompt-injection, rust, security, sidecar, signature, supply-chain-security