MCP.so
Sign In
Servers
N

NOVA MCP lets you configure NOVA (the prompt pattern matching) as a guardrail for your AI system.

@fr0gger

The NOVA MCP Security Gateway is a prompt-validation service that runs first in your Model Context Protocol (MCP) chain. It loads Nova rules (in .nov format), checks each incoming prompt against these rules, and blocks any that match high-severity security or jailbreak patterns.

Overview

What is NOVA MCP Security Gateway?

The NOVA MCP Security Gateway is a prompt-validation service that runs first in your Model Context Protocol (MCP) chain. It loads Nova rules (in .nov format), checks each incoming prompt against these rules, and blocks any that match high-severity security or jailbreak patterns. It is intended for developers who need to guard AI systems against malicious prompts.

How to use NOVA MCP Security Gateway?

Install dependencies with pip install -r requirements.txt, create a .env file with your LLM credentials, and place your Nova rule files in the nova_rules/ directory. Run the server via python nova_mcp_server.py. Optionally use the provided client.py to test. To enforce the gateway, include the recommended system prompt instructing your LLM to call the MCP for every prompt before responding.

Key features of NOVA MCP Security Gateway

  • Rule-based filtering using keywords, semantics, LLM patterns
  • Configurable rules directory (nova_rules/)
  • Structured JSON logging of authorized and blocked prompts
  • Supports OpenAI, Anthropic, Azure OpenAI, Ollama, Groq
  • Returns NOT AUTHORIZED with rule details on match

Use cases of NOVA MCP Security Gateway

  • Prevent jailbreak attempts before AI response generation
  • Enforce security policies on user prompts in MCP chain
  • Audit and log blocked prompts for compliance
  • Validate prompts using custom NOVA rules

FAQ from NOVA MCP Security Gateway

What is NOVA MCP Security Gateway and how does it differ from other guardrails?

It is a prompt-validation service that runs first in the MCP chain using NOVA rules, returning NOT AUTHORIZED for matches, unlike many tools that operate outside the MCP protocol.

What dependencies or runtime requirements does it have?

Python 3, the packages in requirements.txt, and a .env file containing API keys for the chosen LLM evaluator (e.g., OpenAI, Anthropic, Groq, etc.). NOVA itself must also be installed per its documentation.

Where are the rules and logs stored?

Rules are stored as .nov files in the nova_rules/ directory. All events are logged in logs/nova_matches.log.

How does transport or authentication work?

The server listens on STDIO for validate_prompt calls. Authentication is handled via environment variables set in the .env file (e.g., OPENAI_API_KEY).

Are there any known limitations?

There is no native way to force MCP execution order; the current approach relies on a system prompt instructing the LLM to always call the MCP first. The server must be restarted to load new or modified rules.

Tags

More from Other