
mcp-guard: Security gating for MCP servers, from local dev to CI

Validate protocol contracts, test runtime behavior, and enforce policy with reproducible reports.

mcp-guard

IMPORTANT

Remote mode supports HTTP JSON-RPC (--http) and SSE (--sse).

Profiles

default · strict · paranoid

Outputs

report.md · report.json · report.sarif

Policy

--fail-on off|low|medium|high

Typical workflow

1) Validate quickly

Run checks locally against your MCP server before opening a PR.

mcp-guard validate --stdio "node server.cjs"

2) Test behavior

Execute deterministic test probes and emit machine-readable reports.

mcp-guard test --stdio "node server.cjs"

3) Gate in CI

Use audit with SARIF and severity thresholds to block risky changes.

mcp-guard audit --fail-on medium --sarif reports/report.sarif

Architecture

mermaid
graph LR
  CLI[mcp-guard CLI] --> T[Transports: stdio/http/sse]
  T --> RPC[JSON-RPC]
  RPC --> RULES[Rules + Profiles]
  RULES --> REP[Reports: md/json/sarif]
  REP --> GATE["Policy Gate (--fail-on)"]
  GATE --> CI[CI / Code Scanning]

Ship checklist

  1. Run mcp-guard audit in CI with --fail-on policy.
  2. Upload SARIF so findings show in security dashboards.
  3. Gate merges on reproducible report output.
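
A severity gate of the kind step 3 and the ship checklist describe, as an added example (not mcp-guard's own code): it walks a SARIF 2.1.0 log and returns a non-zero exit code when any result is at or above the threshold. The mapping of low/medium/high to SARIF note/warning/error, the function names, and the sample rule ids are assumptions; the page does not state how mcp-guard maps its severities.

```python
# Added example: independent severity gate over a SARIF 2.1.0 log.
# ASSUMPTION: low/medium/high map to SARIF note/warning/error.
LEVEL_RANK = {"none": 0, "note": 1, "warning": 2, "error": 3}
THRESHOLD_RANK = {"low": 1, "medium": 2, "high": 3}  # "off" disables the gate


def effective_level(result, rules_by_id):
    """Simplified SARIF resolution: result.level, else the rule's default, else 'warning'."""
    if "level" in result:
        return result["level"]
    rule = rules_by_id.get(result.get("ruleId"), {})
    return rule.get("defaultConfiguration", {}).get("level", "warning")


def gate(sarif, fail_on):
    """Return (exit_code, blocking); blocking holds (ruleId, level) at or above fail_on."""
    if fail_on == "off":
        return 0, []
    if fail_on not in THRESHOLD_RANK:
        raise ValueError(f"unknown threshold: {fail_on!r}")
    if not isinstance(sarif, dict) or not isinstance(sarif.get("runs"), list):
        raise ValueError("not a SARIF log: missing 'runs'")  # fail closed
    blocking = []
    for run in sarif["runs"]:
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        rules_by_id = {r["id"]: r for r in rules if "id" in r}
        for result in run.get("results") or []:
            level = effective_level(result, rules_by_id)
            # An unrecognised level is ranked as "error" so it cannot slip past the gate.
            if LEVEL_RANK.get(level, 3) >= THRESHOLD_RANK[fail_on]:
                blocking.append((result.get("ruleId", "<no ruleId>"), level))
    return (1 if blocking else 0), blocking


# Constructed sample input (not real mcp-guard output; rule ids are made up).
SAMPLE = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "constructed-sample", "rules": [
            {"id": "EX002", "defaultConfiguration": {"level": "error"}},
        ]}},
        "results": [
            {"ruleId": "EX001", "level": "warning", "message": {"text": "a"}},
            {"ruleId": "EX002", "message": {"text": "b"}},  # level comes from the rule default
            {"ruleId": "EX003", "level": "note", "message": {"text": "c"}},
        ],
    }],
}

if __name__ == "__main__":
    print(gate(SAMPLE, "medium"))
```
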

Built for practical MCP server audits.