mcp-guardian

Security and governance proxy for MCP infrastructure. Enforces YAML-configurable policies (blocklists, rate limits, token budgets), tracks real token costs via tiktoken, monitors server health with live JSON-RPC probes. Features include OAuth 2.1/OIDC with RBAC, web dashboard with Prometheus metrics, payload normalization against encoding bypasses, semantic shell AST analysis, mTLS zero-trust networking, circuit breakers, and a formal STRIDE threat model. 168 tests across 16 suites. Install: npm install -g @mcp-guardian/server

typescript Developer Tools by rudraneel93

Prometheus npm

Links:

GitHub

Glama

○

Unscored visibility — 0/0 applicable dimensions scored

○ Schema Quality — Protocol — Reliability ○ Docs & Maintenance ○ Security Hygiene — Schema Interpretability

Schema Quality

—

42% weight

Protocol Compliance

N/A

Local server

Reliability

N/A

Local server

Docs & Maintenance

—

25% weight

Security Hygiene

—

33% weight

Embed Badge

Add this to your README to display your MCP Scoreboard grade:

[![MCP Score](https://www.mcpscoreboard.com/badge/74372c17-4d2a-4abd-b264-34cb22d54abe.svg)](https://www.mcpscoreboard.com/server/74372c17-4d2a-4abd-b264-34cb22d54abe/)