/ 디렉터리 / 플레이그라운드 / mcp-gateway
← 모든 서버 ↗ GitHub
● 커뮤니티 lasso-security ⚡ 바로 사용

mcp-gateway

제작: lasso-security · lasso-security/mcp-gateway

Put a security gateway in front of your MCP servers — mask secrets, redact PII, block prompt injection, and log every tool call.

Lasso's mcp-gateway is a Python-based orchestrator for multiple MCP servers with a plugin system for guardrails: Basic secret masking, Presidio PII redaction, Lasso's LLM-aware prompt-injection detection, Xetrack tracing, and server-reputation scanning.

▶ 데모 보기 📦 설치 💡 사용 사례

왜 쓰나요

핵심 기능

라이브 데모

실제 사용 모습

gateway.replay ▶ 준비됨
0/0

설치

클라이언트 선택

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop → Settings → Developer → Edit Config 열기. 저장 후 앱 재시작.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Cursor는 Claude Desktop과 동일한 mcpServers 스키마 사용. 프로젝트 설정이 전역보다 우선.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Cline 사이드바의 MCP Servers 아이콘 클릭 후 "Edit Configuration" 선택.

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop과 같은 형식. Windsurf 재시작 후 적용.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "gateway",
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ]
    }
  ]
}

Continue는 맵이 아닌 서버 오브젝트 배열 사용.

~/.config/zed/settings.json
{
  "context_servers": {
    "gateway": {
      "command": {
        "path": "uvx",
        "args": [
          "mcp-gateway"
        ]
      }
    }
  }
}

context_servers에 추가. 저장 시 Zed가 핫 리로드.

claude mcp add gateway -- uvx mcp-gateway

한 줄 명령. claude mcp list로 확인, claude mcp remove로 제거.

사용 사례

실전 활용법: mcp-gateway

Expose internal MCPs to Claude without leaking PII

👤 Enterprise security, platform teams ⏱ ~45 min advanced

언제 쓸까: Your internal tools (postgres, CRM) would leak customer names / emails / SSNs into LLM context if used directly.

사전 조건
  • pip install mcp-gateway[presidio] — presidio extra pulls spaCy models
흐름
  1. Wire upstream MCPs through gateway
    Configure mcp-gateway with upstream postgres MCP; enable the Presidio plugin with redaction for EMAIL, PHONE, US_SSN.✓ 복사됨
    → Config file with plugin chain
  2. Test redaction
    Run a query returning customer emails; confirm the gateway replaces them with <EMAIL> placeholders before reaching the LLM.✓ 복사됨
    → Claude sees only placeholders

결과: LLM-usable tool access without raw PII crossing the boundary.

함정
  • Over-redaction breaks downstream joins — Use consistent pseudonyms (Presidio supports hash-based) so the LLM can still reason across redacted fields
함께 쓰기: postgres

Block prompt injection attacks from tool outputs

👤 Security-aware agent builders ⏱ ~30 min advanced

언제 쓸까: Your agent uses fetch/web-browsing MCPs — tool outputs can contain 'ignore previous instructions' payloads.

사전 조건
  • Lasso API key — lasso.security signup
흐름
  1. Enable Lasso plugin
    Turn on the Lasso plugin in gateway config with LASSO_API_KEY set. Put fetch MCP behind it.✓ 복사됨
    → Plugin active; outputs scanned
  2. Test
    Have Claude fetch a URL containing known prompt-injection test string; verify it's neutralized before reaching the model.✓ 복사됨
    → Injection blocked or flagged

결과: Defense against tool-output injection.

함정
  • False positives block legit content — Start with 'warn' mode, review logs before switching to 'block'
함께 쓰기: fetch · firecrawl

Log every MCP tool call for compliance audit

👤 Compliance / security audit teams ⏱ ~20 min intermediate

언제 쓸까: You need SOC2-style evidence of what the LLM asked tools to do.

흐름
  1. Enable Xetrack plugin
    Turn on Xetrack with SQLite destination. Route all MCPs through the gateway.✓ 복사됨
    → mcp_calls.db being written
  2. Query audit log
    Show me all tool calls in the last 24h where the tool name contains 'delete' or 'drop'.✓ 복사됨
    → Destructive-op audit trail

결과: Queryable audit database for compliance.

함정
  • Log DB grows unbounded — Rotate and archive monthly

조합

다른 MCP와 조합해 10배 효율

gateway + postgres + fetch

DB + web access with PII + injection guards

Put postgres and fetch behind mcp-gateway with presidio + lasso plugins; use normally from Claude.✓ 복사됨

도구

이 MCP가 노출하는 것

도구입력언제 호출비용
<upstream tools> Depends on upstream MCP Gateway is transparent — you call upstream tools as usual upstream cost + plugin overhead

비용 및 제한

운영 비용

API 쿼터
Lasso plugin requires Lasso API key (paid tier)
호출당 토큰
Plugin overhead ~50-200ms per call; redaction reduces tokens
금액
Gateway itself free. Lasso plugin: see lasso.security pricing.
Run basic + presidio plugins for free; only add Lasso if you need advanced injection detection.

보안

권한, 시크릿, 파급범위

자격 증명 저장: Plugin API keys in env vars (LASSO_API_KEY, etc.)
데이터 외부 송신: Varies by plugin: basic + presidio are local; Lasso sends samples to Lasso cloud for analysis

문제 해결

자주 발생하는 오류와 해결

Presidio plugin fails to load

Install extra: pip install 'mcp-gateway[presidio]' and download spaCy model: python -m spacy download en_core_web_lg.

Upstream MCP not responding through gateway

Test the upstream directly first; then verify gateway mcp.json command/args match exactly.

Performance drop

Plugin chain order matters — put cheapest (basic mask) first, Lasso last.

대안

mcp-gateway 다른 것과 비교

대안언제 쓰나단점/장점
Claude's built-in output filtersYou only use Claude and trust its own redactionNo customization, no audit trail
Concierge SDKYou want a framework for writing MCPs, not a security proxyDifferent problem space

더 보기

리소스

📖 GitHub에서 공식 README 읽기

🐙 열린 이슈 보기

🔍 400+ MCP 서버 및 Skills 전체 보기