Dimitris ZervasMar 2

This is the first release of #MCP-Firewall!

It allows far more granular control over what commands/tools are allowed/denied/require manual approval

Built with #go and directly pluggable to #claude's (or gh copilot cli) PreToolUse hook

https://github.com/dzervas/mcp-firewall

GitHub - dzervas/mcp-firewall

Contribute to dzervas/mcp-firewall development by creating an account on GitHub.

GitHub
Show threadDimitris Zervas

here for example is a ruleset to allow kubectl get *, including kubectl -n <namespace> get * but not kubectl get secrets

The policies are defined jsonnet (== json with wings) so one could create a library of common used rules and import per-project!

Mar 2 at 12:18amWeb