https://github.com/facebook/mcpguard-dynamic
Kernel-level eBPF sandbox for securing LLM agent tool calls made through the Model Context Protocol (MCP)
https://github.com/facebook/mcpguard-dynamic
Last synced: 24 days ago
JSON representation
Kernel-level eBPF sandbox for securing LLM agent tool calls made through the Model Context Protocol (MCP)
- Host: GitHub
- URL: https://github.com/facebook/mcpguard-dynamic
- Owner: facebook
- License: mit
- Created: 2026-05-19T20:48:24.000Z (about 2 months ago)
- Default Branch: main
- Last Pushed: 2026-05-27T13:43:09.000Z (about 2 months ago)
- Last Synced: 2026-06-21T14:57:03.958Z (25 days ago)
- Language: C
- Homepage:
- Size: 1.61 MB
- Stars: 53
- Watchers: 0
- Forks: 7
- Open Issues: 0
Awesome Lists containing this project
- awesome-agent-runtime-security - MCPGuard - LSM, MCP | Kernel-level sandboxing for MCP tool calls: transparent proxy treating MCP servers as untrusted. Three layers — per-server capability policy, argument validation (injection detection), and BPF LSM programs (file/net/proc/fork guards) enforcing at the syscall boundary with fork tracking. 82-case benchmark, 0% FPR. | (Provenance, Instrumentation & Observability)
- awesome-harness-engineering - mcpguard-dynamic - level eBPF sandbox for MCP tool calls: a transparent proxy that enforces capability policies through a policy engine, argument validator, and BPF LSM hooks (file, network, process, fork), so a compromised or malicious MCP server cannot bypass restrictions at the application layer. Includes a 14-server, 82-case benchmark showing the full defense stack achieves 68.9% attack prevention with zero false positives.  (Security, Sandbox & Permissions / Adjacent Collections)