- Explore MCP Servers
- safe-mcp
Safe Mcp
What is Safe Mcp
safe-mcp is a Python security library designed for LLM tool developers and MCP server operators. It aims to secure Model Context Protocol (MCP) servers against context poisoning, prompt injection, and untrusted data.
Use cases
Use cases for safe-mcp include securing internal data retrieval functions, managing external API calls, and sanitizing user-generated content to prevent security vulnerabilities.
How to use
To use safe-mcp, install it via pip from the repository and utilize its decorators and utilities to mark tool trust levels, sanitize inputs and outputs, and enforce validation logic.
Key features
Key features include trust level enforcement, security decorators for marking tool trustworthiness, pluggable sanitization options, attack pattern detection, input validation, and composability of decorators for layered security.
Where to use
safe-mcp can be used in various fields including AI development, web applications, and any system that relies on LLMs and requires secure data handling.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Safe Mcp
safe-mcp is a Python security library designed for LLM tool developers and MCP server operators. It aims to secure Model Context Protocol (MCP) servers against context poisoning, prompt injection, and untrusted data.
Use cases
Use cases for safe-mcp include securing internal data retrieval functions, managing external API calls, and sanitizing user-generated content to prevent security vulnerabilities.
How to use
To use safe-mcp, install it via pip from the repository and utilize its decorators and utilities to mark tool trust levels, sanitize inputs and outputs, and enforce validation logic.
Key features
Key features include trust level enforcement, security decorators for marking tool trustworthiness, pluggable sanitization options, attack pattern detection, input validation, and composability of decorators for layered security.
Where to use
safe-mcp can be used in various fields including AI development, web applications, and any system that relies on LLMs and requires secure data handling.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
safe-mcp
Secure your Model Context Protocol (MCP) servers against context poisoning, prompt injection, and untrusted data.
Overview
safe-mcp is a Python security library for LLM tool developers and MCP server operators. It provides a robust set of decorators and utilities to help you:
- Mark and track the trustworthiness of tool outputs
- Detect and mitigate prompt injection, jailbreaks, and encoding attacks
- Sanitize and validate both inputs and outputs
- Enforce input validation and (optionally) rate limiting
Features
- Trust Level Enforcement: Type-safe responses with explicit trust levels (
TRUSTED
,CAUTION
,UNTRUSTED
) - Security Decorators: Mark tools as trusted/untrusted, sanitize outputs, and validate inputs with simple decorators
- Pluggable Sanitization: Use or extend the built-in sanitizers to filter or warn on malicious content
- Attack Pattern Detection: Detect prompt injection, jailbreak attempts, and hidden encodings
- Input Validation: Enforce custom validation logic on tool inputs
- Composable: Chain decorators for layered security
Installation
Note:
safe-mcp
is not yet published on PyPI.
You can install it directly from the repository:
uv pip install git+https://github.com/Liad0205/safe-mcp
Or, if you have a local copy:
uv pip install /path/to/safe-mcp
Quick Start
from safe_mcp.decorators import safe, unsafe, sanitize, validate_inputs
from safe_mcp.sanitizers.basic import BasicSanitizer
# Mark a tool as trusted (internal data)
@safe
async def get_internal_data(user_id: str):
return {"user_id": user_id, "info": "internal only"}
# Mark a tool as untrusted (external API)
@unsafe
async def fetch_external_api(query: str):
return {"query": query, "result": "external data"}
# Sanitize output from an untrusted source
@sanitize # Uses BasicSanitizer.sanitize by default
@unsafe
async def search_user_content(query: str):
return {"query": query, "content": "<script>alert('xss')</script>"}
# Input validation example
def is_positive(a: int, b: int) -> bool:
return a > 0 and b > 0
@validate_inputs(is_positive)
@safe
async def add_positive_numbers(a: int, b: int):
return a + b
# Custom sanitizer example (e.g., filter encodings)
import functools
@sanitize(sanitizer_func=functools.partial(BasicSanitizer.sanitize, filter_detected_encodings=True))
@unsafe
async def process_text(text: str):
return {"processed": text}
Example: Using with MCP Tools
from mcp.server.fastmcp import FastMCP
from safe_mcp.decorators import safe, unsafe, sanitize
mcp = FastMCP("Demo")
@mcp.tool()
@safe
async def get_internal_data(user_id: str):
return {"user_id": user_id, "info": "internal only"}
@mcp.tool()
@sanitize
@unsafe
async def search_user_content(query: str):
return {"query": query, "content": "<script>alert('xss')</script>"}
Why safe-mcp?
- Defense in Depth: Layer trust marking, sanitization, and validation for robust protection.
- Easy Integration: Add security to your MCP tools with a single decorator.
- Extensible: Plug in your own sanitizers or validation logic.
- Transparent: All responses are wrapped with trust level and warnings for downstream handling.
License
MIT
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.