MCP.so
登录

Rce Guard

@studiomeyer-io

关于 Rce Guard

Foundation Pillar 9: Layer-3 RCE defense for MCP servers via policy synthesis + behavioral CVE replay + cross-server canary tracking. v0.1 descriptor-only; v0.2 ships native enforcement.

基本信息

许可证

MIT

运行时

node

发布者

studiomeyer-io

提交者

Matthias Meyer - StudioMeyer

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "mcp-rce-guard": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-rce-guard",
        "serve"
      ]
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Rce Guard?

Foundation Pillar 9: Layer-3 RCE defense for MCP servers via policy synthesis + behavioral CVE replay + cross-server canary tracking. v0.1 descriptor-only; v0.2 ships native enforcement.

How to use Rce Guard?

The README includes setup instructions such as npx -y mcp-rce-guard serve.

Key features of Rce Guard

  • A typed, validated way to describe what an MCP subprocess is allowed to read, write, spawn, and talk to
  • NFKC + zero-width strip + Bidi-block normalization shared with Pillar 8 (mcp-stdio-shellguard)
  • Audit-log rotation has a TOCTOU window (src/audit/log.ts
  • In-memory state lost on restart (src/state.ts). Registered
  • mcp-protocol-validator CI step is not a hard gate

Use cases of Rce Guard

  • Connect an MCP-compatible client to this repository's service.
  • Review the README-backed setup before enabling it in production.

FAQ from Rce Guard

Where is the source code for Rce Guard?

The source code is linked from the repository URL on this page.

Does Rce Guard include a standard MCP config?

If the README contains a parseable MCP configuration block, it is shown in the Config tab.

评论

更多 MCP 服务器