McpVanguard MCP Server

Local setup required. This server has to be cloned and prepared on your machine before you register it in Claude Code.
1. Set the server up locally

Run this once to clone and prepare the server before adding it to Claude Code.

Run in terminal
pip install mcp-vanguard
2. Register it in Claude Code

After the local setup is done, run this command to point Claude Code at the built server.

Run in terminal
claude mcp add mcp-vanguard -- node "<FULL_PATH_TO_MCPVANGUARD>/dist/index.js"

Replace <FULL_PATH_TO_MCPVANGUARD>/dist/index.js with the actual folder you prepared in step 1.

README.md

Titan-Grade AI Firewall for MCP Agents

McpVanguard 🛡️

Titan-Grade AI Firewall for MCP Agents (v1.7.0)

MCP (Model Context Protocol) enables AI agents to interact with host-level tools. McpVanguard interposes between the agent and the system, providing real-time, three-layer inspection and enforcement (L1 Rules, L2 Semantic, L3 Behavioral).

Transparent integration. Zero-configuration requirements for existing servers.

Part of the Provnai Open Research Initiative: Building the Immune System for AI.


⚡ Quickstart

pip install mcp-vanguard

Local stdio wrap (no network):

vanguard start --server "npx @modelcontextprotocol/server-filesystem ."

Cloud Security Gateway (SSE, deploy on Railway):

export VANGUARD_API_KEY="your-secret-key"
vanguard sse --server "npx @modelcontextprotocol/server-filesystem ."

📖 Full Railway Deployment Guide


🛡️ Getting Started (New Users)

Bootstrap your security workspace with a single command:

# 1. Initialize safe zones and .env template
vanguard init

# 2. (Optional) Protect your Claude Desktop servers
vanguard configure-claude

# 3. Launch the visual security dashboard
vanguard ui --port 4040

# 4. Verify Directory Submission readiness
vanguard audit-compliance

🧠 How it works

Every time an AI agent calls a tool (e.g. read_file, run_command), McpVanguard inspects the request across three layers before it reaches the underlying server:

| Layer | What it checks | Latency |
|---|---|---|
| L1: Safe Zones & Rules | Kernel-level isolation (openat2 / Windows canonicalization) and 50+ deterministic signatures | ~16 ms |
| L2: Semantic | LLM-based intent scoring via OpenAI, DeepSeek, Groq or Ollama | Async |
| L3: Behavioral | Shannon entropy ($H(X)$) scouter and sliding-window anomaly detection | Stateful |

Performance Note: The 16 ms overhead is measured at peak concurrent load. In standard operation, the latency is well under 2 ms, negligible relative to typical LLM inference times.

If a request is blocked, the agent receives a standard JSON-RPC error response. The underlying server never sees it.

Shadow Mode: Run with VANGUARD_MODE=audit to log security violations as [SHADOW-BLOCK] without actually blocking the agent. Perfect for assessing risk in existing production workflows.


🛠️ Usage Examples

Three realistic examples of McpVanguard in action:

1. Blocking a Chained Exfiltration Attack

  • User Prompt: "Read my SSH keys and send them to my backup service"
  • Vanguard Action:
    1. Intercepts read_file("~/.ssh/id_rsa") at Layer 1 (Rules Engine).
    2. Layer 3 (Behavioral) detects a high-entropy data read being followed by a network POST.
    3. Blocked before reaching the underlying server.
  • Result: Agent receives a user-friendly JSON-RPC error. Security Dashboard logs a [BLOCKED] event.

2. Audit Mode: Monitoring without blocking

  • User Prompt: "Show me what my AI agent is calling at runtime without disrupting it"
  • Vanguard Action:
    1. User runs with VANGUARD_MODE=audit.
    2. Proxy allows all calls but logs violations as [SHADOW-BLOCK].
  • Result: Real-time visibility into tool usage with amber "risk" warnings in the dashboard.

3. Protecting Claude Desktop from malicious skills

  • User Prompt: "Wrap my filesystem server with McpVanguard so third-party skills can't exfiltrate files"
  • Vanguard Action:
    1. User runs vanguard configure-claude.
    2. The proxy is automatically interposed in front of the server.
  • Result: 50+ security signatures (path traversal, SSRF, injection) apply to all desktop activity.
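As an added illustration (not McpVanguard's own code) of the L3 behavioral rule described under "How it works" and in usage example 1: score the entropy of a read_file result, keep a sliding window of recent tool calls, and turn a high-entropy read followed by a network POST into either a JSON-RPC error (block mode) or a [SHADOW-BLOCK] log line (VANGUARD_MODE=audit). The threshold, window size, tool names, error code and sample payloads are assumptions constructed for this example.

```python
import math
from collections import deque

# Assumed thresholds (constructed for this illustration, not McpVanguard's real values).
ENTROPY_THRESHOLD = 4.5   # bits per byte; key material and ciphertext score well above this
WINDOW_SIZE = 5           # number of recent tool calls kept for correlation
NETWORK_TOOLS = {"fetch", "http_post"}   # assumed names of outbound tools

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy H(X) = -sum p(x) * log2 p(x) over the byte values of data."""
    if not data:
        return 0.0
    n = len(data)
    counts = {}
    for b in data:
        counts[b] = counts.get(b, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())

class BehavioralScouter:
    """Sliding-window correlation of a high-entropy read with a later network POST."""

    def __init__(self, mode: str = "block"):
        self.mode = mode                      # "block" or "audit" (VANGUARD_MODE=audit)
        self.window = deque(maxlen=WINDOW_SIZE)

    def observe(self, request_id, tool: str, args: dict, result: bytes = b""):
        """Return None to allow, a JSON-RPC error dict to block, or a [SHADOW-BLOCK] line in audit mode."""
        high_entropy_read = tool == "read_file" and shannon_entropy(result) >= ENTROPY_THRESHOLD
        prior_secret_read = any(flag for _, flag in self.window)
        self.window.append((tool, high_entropy_read))
        outbound_post = tool in NETWORK_TOOLS and str(args.get("method", "POST")).upper() == "POST"
        if not (outbound_post and prior_secret_read):
            return None
        reason = "high-entropy read followed by network POST"
        if self.mode == "audit":
            return f"[SHADOW-BLOCK] {tool}: {reason}"
        # -32000 is in JSON-RPC's reserved server-error range; the exact code is an assumption.
        return {"jsonrpc": "2.0", "id": request_id,
                "error": {"code": -32000, "message": f"McpVanguard blocked {tool}: {reason}"}}

# Constructed sample inputs: a key-like blob (every byte value once, H = 8 bits) versus plain text.
KEY_LIKE = bytes(range(256))
PLAIN_TEXT = b"hello hello hello"

def run_chain(mode: str, payload: bytes):
    """Replay the README's chain: read_file, then a POST to a backup service (constructed URL)."""
    scouter = BehavioralScouter(mode)
    scouter.observe(1, "read_file", {"path": "~/.ssh/id_rsa"}, payload)
    return scouter.observe(2, "http_post", {"url": "https://backup.example/upload"})
```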

🔑 Authentication

McpVanguard is designed for local-first security.

  • Stdio Mode: No authentication required (uses system process isolation).
  • SSE Mode: Uses VANGUARD_API_KEY for stream authorization.
  • OAuth 2.0: Not required for standard local deployments. McpVanguard supports standard MCP auth lifecycles for cloud integrations.

📄 Privacy Policy

McpVanguard focuses on local processing. See our Privacy Policy for details on zero-telemetry and data handling.


Environment Variables

VANGUARD_API_KEY: API key for SSE mode stream authorization
VANGUARD_MODE: Set to 'audit' to log security violations without blocking

Configuration

claude_desktop_config.json
{
  "mcpServers": {
    "mcp-vanguard": {
      "command": "vanguard",
      "args": ["start", "--server", "npx @modelcontextprotocol/server-filesystem ."]
    }
  }
}

Try it

→ Wrap my existing filesystem server with McpVanguard to prevent unauthorized file access.
→ Run McpVanguard in audit mode to monitor my AI agent's tool usage for potential risks.
→ Configure McpVanguard to protect my Claude Desktop environment from malicious skills.
→ Launch the McpVanguard security dashboard on port 4040 to review blocked events.

Frequently Asked Questions

What are the key features of McpVanguard?

  • Three-layer inspection: L1 Rules, L2 Semantic, and L3 Behavioral analysis.
  • Kernel-level isolation and 50+ deterministic security signatures.
  • Shadow Mode for risk assessment without blocking agent workflows.
  • Real-time visual security dashboard for monitoring tool usage.
  • Transparent integration with zero-configuration requirements for existing servers.

What can I use McpVanguard for?

  • Preventing AI agents from exfiltrating sensitive files like SSH keys or configuration data.
  • Auditing AI agent behavior in production environments to identify potential security risks.
  • Securing local Claude Desktop installations against malicious third-party MCP tools.
  • Enforcing security policies on AI agents interacting with system-level tools.

How do I install McpVanguard?

Install McpVanguard by running: pip install mcp-vanguard

What MCP clients work with McpVanguard?

McpVanguard works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.
