Skip to main content
Glama
egoughnour

Code Firewall MCP

by egoughnour
OverviewSchemaRelated ServersScoreDiscussions
Python
Hybrid

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
OLLAMA_URLNoOllama server URLhttp://localhost:11434
EMBEDDING_MODELNoOllama embedding modelnomic-embed-text
FIREWALL_DATA_DIRNoData storage directory/tmp/code-firewall
NEAR_MISS_THRESHOLDNoNear-miss recording threshold0.70
SIMILARITY_THRESHOLDNoBlock threshold (0-1)0.85

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": true
}
prompts
{
  "listChanged": false
}
resources
{
  "subscribe": false,
  "listChanged": false
}
experimental
{
  "tasks": {
    "list": {},
    "cancel": {},
    "requests": {
      "tools": {
        "call": {}
      },
      "prompts": {
        "get": {}
      },
      "resources": {
        "read": {}
      }
    }
  }
}

Tools

Functions exposed to the LLM to take actions

NameDescription
firewall_system_check

Check if system meets requirements for Ollama embeddings.

Verifies: macOS, Apple Silicon (M1/M2/M3/M4), RAM, Homebrew installed. Use before attempting Ollama setup.

firewall_setup_ollama

Install Ollama via Homebrew (macOS).

Args: install: Install Ollama via Homebrew start_service: Start Ollama as a background service pull_model: Pull the embedding model (nomic-embed-text) model: Model to pull (default: nomic-embed-text)

firewall_setup_ollama_direct

Install Ollama via direct download (macOS) - no Homebrew, no sudo.

Args: install: Download and install Ollama to ~/Applications start_service: Start Ollama server in background pull_model: Pull the embedding model (nomic-embed-text) model: Model to pull (default: nomic-embed-text)

firewall_ollama_status

Check Ollama server status and embedding model availability.

Args: force_refresh: Force refresh the cached status

firewall_check

Check if code is safe to pass to execution tools like rlm_exec.

Parses the code, normalizes to structural skeleton, embeds via Ollama, and checks similarity against blacklisted dangerous patterns.

Args: file_path: Path to the code file to check

Returns: { "allowed": bool, # True if safe to proceed "blocked": bool, # True if matched blacklist "similarity": float, # Similarity to closest blacklist match (0-1) "matched_pattern": str, # ID of matched pattern (if blocked) "reason": str, # Why it was blocked (if blocked) "near_miss": bool, # True if close but not blocked "structure_hash": str, # Hash of normalized structure }

firewall_check_code

Check if code string is safe (without requiring a file).

Args: code: The code to check language: Programming language (default: python)

Returns: Same as firewall_check

firewall_blacklist

Add a code pattern to the blacklist.

Either file_path or code must be provided.

Args: file_path: Path to code file to blacklist code: Code string to blacklist (alternative to file_path) reason: Why this pattern is dangerous severity: critical, high, medium, low language: Programming language (used if code is provided)

Returns: {"status": "added", "pattern_id": str, "structure_hash": str}

firewall_record_delta

Record a near-miss variant to help sharpen the classifier.

Use this when code is similar to a blacklisted pattern but represents a legitimate use case, or when a new variant of a dangerous pattern is discovered.

Args: file_path: Path to code file code: Code string (alternative to file_path) similar_to: Pattern ID this is similar to notes: Notes about why this is being recorded language: Programming language

Returns: {"status": "recorded", "delta_id": str}

firewall_list_patterns

List patterns in the blacklist or delta collection.

Args: collection_name: "blacklist" or "deltas" limit: Maximum number of patterns to return

Returns: {"patterns": [...], "count": int}

firewall_remove_pattern

Remove a pattern from the blacklist or delta collection.

Args: pattern_id: The pattern ID to remove collection_name: "blacklist" or "deltas"

Returns: {"status": "removed", "pattern_id": str}

firewall_status

Get firewall status and statistics.

Returns: { "ollama_available": bool, "chromadb_available": bool, "tree_sitter_available": bool, "blacklist_count": int, "delta_count": int, "similarity_threshold": float, "near_miss_threshold": float, }

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/egoughnour/code-firewall-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server