Agent Firewall
Detects if an IP address is a Tor exit node using Tor Project's data.
agent-firewall-mcp
Input/output safety gate for AI agents, as an MCP server. The 2026 doctrine (OWASP LLM01): treat every external input the agent touches as hostile. Google measured a +32% surge in prompt-injection payloads embedded in web content over three months of 2026.
{
  "mcpServers": {
    "agent-firewall": {
      "command": "npx",
      "args": ["-y", "agent-firewall-mcp"]
    }
  }
}
Tools
- scan_content: detect prompt injection / jailbreak / obfuscation (zero-width, bidi, hidden HTML) in text or a fetched URL → allow/review/block.
- scan_secrets: detect leaked API keys/tokens/private keys + PII (Luhn-checked cards, SSNs, emails) → findings + a redacted copy.
- check_url: URL/domain safety: heuristics + domain age (RDAP) + redirect chain → safe/suspicious/malicious.
- check_ip: IP reputation: Tor exit, ASN/org (Team Cymru), reverse DNS, datacenter, blocklist → verdict.
- check_password: is a password in a known breach? HIBP Pwned Passwords (k-anonymity; plaintext never leaves the server).
Deterministic, free, no LLM. Data: HIBP, RDAP, Tor Project, Team Cymru, DNS + curated rulesets.
Backed by the live API https://agent-firewall-seven.vercel.app (override with AGENT_FIREWALL_API).
Part of the Agent Tools family. MIT.