MCP Endpoint Shield

MCP Endpoint Shield provides runtime security and auto-discovery of local MCP servers configured on your machine. It acts as a protective layer between the MCP client (e.g., Cursor, VS Code, Claude) and the MCP servers—requiring no changes to your setup.

What is Agentic Endpoint Shield?

Endpoint Shield continuously monitors employee devices to identify and track:

AI Agents: All deployed agents across web, desktop, and endpoint devices
MCP Servers: Model Context Protocol server instances running locally or remotely
Device Information: Complete device inventory with hardware IDs, usernames, and locations
Agent Activity: Real-time heartbeat monitoring and deployment status
MCP Connections: Server URLs, connection health, and last seen timestamps

✨ Features

✅ Continuous safety checks on all requests and responses to the MCP servers
✅ Automatic blocking of unsafe interactions (via standard JSON-RPC errors)
✅ Works out-of-the-box with popular MCP clients (Cursor, VS Code, Claude)
✅ Zero changes required in your MCP server

📦 Installation

The tool is provided as an installable binary for your platform (Linux, macOS, Windows).
Download the binary from the official release page and place it in your system path ($PATH) for easy CLI access.

Example (macOS/Linux):

chmod +x mcp-endpoint-shield
mv mcp-endpoint-shield /usr/local/bin/

🔍 Auto-Detection

Akto MCP Endpoint Shield automatically detects MCP client configurations:

Cursor → Reads ~/.cursor/mcp.json
Visual Studio Code → Reads .vscode/mcp.json inside your workspace
Claude Desktop → Reads Claude’s MCP config JSON

For each detected MCP server config:

The JSON file is parsed.
Each server entry is automatically wrapped with Akto MCP Endpoint Shield.
Your MCP clients transparently run through the shield without requiring manual reconfiguration.

👉 You don’t need to manually edit your MCP config files — the wrapper handles this for you.

📄 Example — Cursor `mcp.json`

Original file (before wrapping):

{
  "mcpServers": {
    "playwright-mcp": {
      "command": "npx",
      "args": [
        "-y"
        "@playwright/mcp@latest"
      ]
    }
  }
}

Automatically wrapped file (after Akto MCP Endpoint Shield):

{
  "mcpServers": {
    "playwright-mcp-endpoint-shield": {
      "command": "mcp-endpoint-shield",
      "args": [
        "stdio",
        "--name",
        "playwright-mcp",
        "--akto-api-token",
        "<your akto api token>",
        "--exec",
        "npx",
        "-y",
        "@playwright/mcp@latest"
      ]
    }
  }
}

What changed:

The server is renamed from playwright-mcp → playwright-mcp-endpoint-shield.
mcp-endpoint-shield is now the entry command.
Original server command (npx @playwright/mcp@latest) is passed through --exec.
Security flags (--akto-api-token) are automatically injected.

🚀 Quick Start (Manual Run)

If you want to run manually (instead of auto-detection):

mcp-endpoint-shield stdio --name <project_name> --akto-api-token <token> --exec <your_mcp_server_command> [args...]

Examples

Python server:

mcp-endpoint-shield stdio --name my-mcp --akto-api-token <TOKEN> --exec uv run server.py

Dockerized server:

mcp-endpoint-shield stdio --name my-mcp --akto-api-token <TOKEN> --env AKTO_API_KEY=<TOKEN> --exec docker run --rm -i -e AKTO_API_KEY=<TOKEN> your/mcp-image:latest

⚙️ Common Flags

--name <project_name> → Friendly label used in logs and insights
--akto-api-token <token> → Your Akto API token
--exec <command> [args...] → Command to start your MCP server
--env KEY=VALUE (repeatable) → Pass additional environment variables to the MCP process

🛠 How It Works (Behind the Scenes)

The wrapper launches your MCP server.
Every request/response line is intercepted.
Safe traffic passes through unchanged.
Unsafe traffic is blocked, returning a clear JSON-RPC error to the client.
Metadata is recorded (lightweight, opt-in) to improve detection and insights.

📜 Logging

Location: $HOME/.akto/mcp_endpoint_shield.log
Format: human-readable text logs
Includes: project name (--name) for easy filtering
Rotation: automatic (size-based) to prevent unbounded growth

💻 Using with Cursor (at a glance)

In Cursor settings, configure your MCP server to run through the wrapper.
Place your original MCP server command after --exec.
(Optional: Add a diagram/screenshot here for clarity.)

🧩 Troubleshooting

Issue: Auto-detection didn’t work ➡ Cause: Custom MCP config location or unsupported client. ➡ Fix: Run your server manually with --exec.

Issue: Unexpected end of JSON input ➡ Cause: Your MCP server is writing non-protocol logs to stdout. ➡ Fix: Use stderr for logs instead.

Issue: ERROR writing to MCP stdin: file already closed ➡ Cause: MCP server exited or closed stdin prematurely. ➡ Fix: Run your server standalone to confirm stability.

Issue: No insights appearing ➡ Cause: Some tools don’t use standard JSON-RPC IDs. ➡ Fix: Safety still applies, but insights may be limited.

🔒 Guarantees

✅ Transparency: Safe traffic is never altered.
✅ Clarity: Unsafe traffic always results in a clear JSON-RPC error.
✅ Minimal footprint: Designed to stay invisible unless an issue occurs.

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.
Join our discord channel for community support.
Contact [email protected] for email support.
Contact us here.

Last updated 11 days ago

Good afternoon