mcp-gateway MCP — Casos de uso, Instalar & Demo ao vivo

Por que usar

Principais recursos

Proxies multiple upstream MCP servers with a unified interface
Plugins: basic secret-mask, Presidio PII, Lasso AI safety, Xetrack tracing, Security Scanner
Blocks or redacts instead of just logging — actually prevents leaks
Prompt injection detection on tool inputs
Drop-in via pip install mcp-gateway + mcp.json config

Demo ao vivo

Como fica na prática

gateway.replay ▶ pronto

0/0

Instalar

Escolha seu cliente

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Abra Claude Desktop → Settings → Developer → Edit Config. Reinicie após salvar.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Cursor usa o mesmo esquema mcpServers que o Claude Desktop. Config de projeto vence a global.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Clique no ícone MCP Servers na barra lateral do Cline, depois "Edit Configuration".

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "gateway": {
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ],
      "_inferred": true
    }
  }
}

Mesmo formato do Claude Desktop. Reinicie o Windsurf para aplicar.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "gateway",
      "command": "uvx",
      "args": [
        "mcp-gateway"
      ]
    }
  ]
}

O Continue usa um array de objetos de servidor em vez de um map.

~/.config/zed/settings.json

{
  "context_servers": {
    "gateway": {
      "command": {
        "path": "uvx",
        "args": [
          "mcp-gateway"
        ]
      }
    }
  }
}

Adicione em context_servers. Zed recarrega automaticamente ao salvar.

claude mcp add gateway -- uvx mcp-gateway

Uma linha só. Verifique com claude mcp list. Remova com claude mcp remove.

Casos de uso

Usos do mundo real: mcp-gateway

Expose internal MCPs to Claude without leaking PII

👤 Enterprise security, platform teams ⏱ ~45 min advanced

Quando usar: Your internal tools (postgres, CRM) would leak customer names / emails / SSNs into LLM context if used directly.

Pré-requisitos

pip install mcp-gateway[presidio] — presidio extra pulls spaCy models

Fluxo

Wire upstream MCPs through gateway

Configure mcp-gateway with upstream postgres MCP; enable the Presidio plugin with redaction for EMAIL, PHONE, US_SSN.✓ Copiado

→ Config file with plugin chain
Test redaction

Run a query returning customer emails; confirm the gateway replaces them with <EMAIL> placeholders before reaching the LLM.✓ Copiado

→ Claude sees only placeholders

Resultado: LLM-usable tool access without raw PII crossing the boundary.

Armadilhas

Over-redaction breaks downstream joins — Use consistent pseudonyms (Presidio supports hash-based) so the LLM can still reason across redacted fields

Combine com: postgres

Block prompt injection attacks from tool outputs

👤 Security-aware agent builders ⏱ ~30 min advanced

Quando usar: Your agent uses fetch/web-browsing MCPs — tool outputs can contain 'ignore previous instructions' payloads.

Pré-requisitos

Lasso API key — lasso.security signup

Fluxo

Enable Lasso plugin

Turn on the Lasso plugin in gateway config with LASSO_API_KEY set. Put fetch MCP behind it.✓ Copiado

→ Plugin active; outputs scanned
Test

Have Claude fetch a URL containing known prompt-injection test string; verify it's neutralized before reaching the model.✓ Copiado

→ Injection blocked or flagged

Resultado: Defense against tool-output injection.

Armadilhas

False positives block legit content — Start with 'warn' mode, review logs before switching to 'block'

Combine com: fetch · firecrawl

Log every MCP tool call for compliance audit

👤 Compliance / security audit teams ⏱ ~20 min intermediate

Quando usar: You need SOC2-style evidence of what the LLM asked tools to do.

Fluxo

Enable Xetrack plugin

Turn on Xetrack with SQLite destination. Route all MCPs through the gateway.✓ Copiado

→ mcp_calls.db being written
Query audit log

Show me all tool calls in the last 24h where the tool name contains 'delete' or 'drop'.✓ Copiado

→ Destructive-op audit trail

Resultado: Queryable audit database for compliance.

Armadilhas

Log DB grows unbounded — Rotate and archive monthly

Combinações

Combine com outros MCPs para 10× de alavancagem

gateway + postgres + fetch

DB + web access with PII + injection guards

Put postgres and fetch behind mcp-gateway with presidio + lasso plugins; use normally from Claude.✓ Copiado

Ferramentas

O que este MCP expõe

Ferramenta	Entradas	Quando chamar	Custo
<upstream tools>	Depends on upstream MCP	Gateway is transparent — you call upstream tools as usual	upstream cost + plugin overhead

Custo e limites

O que custa rodar

Cota de API: Lasso plugin requires Lasso API key (paid tier)
Tokens por chamada: Plugin overhead ~50-200ms per call; redaction reduces tokens
Monetário: Gateway itself free. Lasso plugin: see lasso.security pricing.
Dica: Run basic + presidio plugins for free; only add Lasso if you need advanced injection detection.

Segurança

Permissões, segredos, alcance

Armazenamento de credenciais: Plugin API keys in env vars (LASSO_API_KEY, etc.)

Saída de dados: Varies by plugin: basic + presidio are local; Lasso sends samples to Lasso cloud for analysis

Plugins can false-positive; always test in 'warn' mode before 'block'.
Lasso sends tool inputs/outputs to their servers — assess against your data policy.

Solução de problemas

Erros comuns e correções

Presidio plugin fails to load

Install extra: pip install 'mcp-gateway[presidio]' and download spaCy model: python -m spacy download en_core_web_lg.

Upstream MCP not responding through gateway

Test the upstream directly first; then verify gateway mcp.json command/args match exactly.

Performance drop

Plugin chain order matters — put cheapest (basic mask) first, Lasso last.

Alternativas

mcp-gateway vs. outros

Alternativa	Quando usar	Troca
Claude's built-in output filters	You only use Claude and trust its own redaction	No customization, no audit trail
Concierge SDK	You want a framework for writing MCPs, not a security proxy	Different problem space

Mais

Recursos

📖 Leia o README oficial no GitHub

🐙 Ver issues abertas

🔍 Ver todos os 400+ servidores MCP e Skills