MCP Aegis
Open-source security layer for the Model Context Protocol ecosystem.
Created 3/17/2026
MCP Aegis aims to make third-party MCP servers safer to discover, evaluate, install, and run. The initial direction is:
- security-aware MCP subregistry
- install-time verification and risk scoring
- policy-based approval and version pinning
- sandboxed execution for local MCP servers
- runtime audit trails for MCP tool usage
Why This Project
The MCP ecosystem is growing quickly, but trust and runtime isolation are still weak in most real-world setups. MCP Aegis focuses on the missing control plane:
- which MCP servers should be trusted
- which versions are allowed
- what a server can access at runtime
- how teams can audit what happened later
Current Status
This repository is in the architecture phase.
Available now:
- initial system architecture
Planned next:
- threat model
- policy spec
- MVP service skeleton
Architecture
See docs/architecture.md for the current design, including:
- high-level architecture
- trust boundaries
- install and runtime flows
- deployment topology
- OSS-friendly repository structure
MVP Direction
The first open-source release should focus on:
- MCP subregistry with security metadata
- scan pipeline and explainable risk scoring
- policy engine for allow, block, and pin decisions
- Docker-based sandbox for local stdio MCP servers
- CLI installer for approved MCP configurations
License
Apache-2.0
Quick Setup
Installation command (no package is published yet; the repository is cloned directly):
git clone https://github.com/xiao-zi-chen/mcp-aegis
Manual installation: see the README above for setup instructions and any additional dependencies required. Note that the project is still in the architecture phase and the MVP service skeleton is only planned, so there is not yet a runnable MCP server to launch.
Cursor configuration (mcp.json), as generated by the listing; this entry only runs the git clone command above and does not start an MCP server:
{
  "mcpServers": {
    "xiao-zi-chen-mcp-aegis": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/xiao-zi-chen/mcp-aegis"
      ]
    }
  }
}