Ship MCP servers you can actually trust.
MCPShield is a Rust runtime sandbox for Model Context Protocol servers. A drop-in wrapper that enforces capability allowlists, filters outbound traffic, and exports behavioral telemetry — aligned to the NSA May-2026 MCP security guidance, in a single cargo add.
- Apache-2.0 open source
- NSA May-2026 MCP guidance aligned
- OTel GenAI semconv v1.36+
- 100% Rust — zero GC pauses
- EU data residency by default
Guardrails the MCP spec leaves to you
Sandboxing, DLP, outbound filtering, message integrity, and output filtering — enforced at the runtime boundary, not bolted on after.
Capability allowlists
Only the tools and resource URIs you approve ever reach the wrapped MCP server. Everything else is denied by default.
Outbound proxy filtering + DLP
Every outbound call passes the proxy filter, regex DLP, and IOC corpus before it is allowed to leave the sandbox.
Behavioral telemetry
Tool-call events and sandbox outcomes export as OpenTelemetry GenAI semconv v1.36+ spans — no custom agent required.
Supply-chain attestation
Policies are cryptographically signed so you can prove which guardrails were enforced for every deployment.
Wrap a server in minutes
Add the crates to your workspace, declare a capability allowlist and outbound filter, and wrap any stdio MCP server. No daemon, no sidecar — the sandbox runs in-process.
# Cargo.toml
[dependencies]
mcpshield-runtime = { git = "https://github.com/mcpshieldvow/mcpshield-runtime" }
mcpshield-policy = { git = "https://github.com/mcpshieldvow/mcpshield-runtime" }
mcpshield-telemetry = { git = "https://github.com/mcpshieldvow/mcpshield-runtime" }

Start securing your MCP deployment
Join the early-access program for the hosted control plane, or pull the crates and self-host today. Both speak the same telemetry.