Agent Prompt Injection Firewall MCP

WAF for AI agents — block prompt injection before it reaches the LLM

Agents that blindly forward user input + retrieved documents to other agents are the #1 production AI vulnerability (OWASP LLM01). This MCP is the pre-flight gate.

By MEOK AI Labs.

Quick Install

Install

pip install agent-prompt-injection-firewall-mcp

Tools

• scan_prompt

• define_custom_rule

• list_rules

• scan_log

• sign_firewall_attestation

Claude Desktop

{
  "mcpServers": {
    "agentpromptinjectionfirewall": { "command": "agent-prompt-injection-firewall-mcp" }
  }
}

Tiers

• Free — generous daily limit (100-1,000 depending on operation)

• Pro £199/mo — unlimited + signed HMAC attestations with public verify URLs — subscribe

• Enterprise £1,499/mo — multi-tenant + custom predicate DSL + SIEM webhook push — subscribe

Why this exists

The EU AI Act (Aug 2026), DORA (live), ISO 42001, and OWASP LLM01 Top-10 all demand runtime controls for agent systems — not just deployment-time audits. This MCP is that runtime control layer, emitting cryptographically signed evidence your auditor accepts.

Related MEOK A2A MCPs

• agent-policy-enforcement-mcp — per-pair IAM

• agent-handoff-certified-mcp — signed delegation chain

• agent-prompt-injection-firewall-mcp — prompt injection WAF

• agent-rate-limiter-mcp — fleet-wide quota

• agent-audit-logger-mcp — hash-chained signed log

• a2a-governance-bridge-mcp — map A2A to compliance frameworks

• meok-attestation-verify — independent cert verifier

License

MIT — MEOK AI Labs, 2026.