Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| MCPGUARD_PROXY__HOST | No | Host for the security gateway. Default: 127.0.0.1 | 127.0.0.1 |
| MCPGUARD_PROXY__PORT | No | Port for the security gateway. Default: 8000 | 8000 |
| MCPGUARD_TAINT__MODE | No | Taint tracking mode. Options: decorator, ebpf, hybrid, disabled. Default: hybrid | hybrid |
| MCPGUARD_SANDBOX__BACKEND | No | Execution backend for tools. Options: docker, firecracker, wasm, microsandbox. Default: docker | docker |
| MCPGUARD_POLICY__POLICY_PATHS | No | Paths to YAML policy files, typically provided as a list or string. | |
| MCPGUARD_POLICY__DEFAULT_ACTION | No | Default action for policy evaluation (e.g., allow, deny, audit, sandbox). Default: deny | deny |
| MCPGUARD_OBSERVABILITY__LOG_LEVEL | No | Logging level for the server. Default: info | info |
| MCPGUARD_SANDBOX__TIMEOUT_SECONDS | No | Timeout for sandbox execution in seconds. Default: 30 | 30 |
| MCPGUARD_OBSERVABILITY__OTLP_ENDPOINT | No | Endpoint for OpenTelemetry export. | |
| MCPGUARD_OBSERVABILITY__METRICS_ENABLED | No | Whether to enable Prometheus metrics. Default: true | true |
Capabilities
Server capabilities have not been inspected yet.
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
No tools | |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |