A firewall specifically designed to catch prompt injection attacks before they hit your AI agent. It scans incoming prompts, RAG documents, and tool arguments using both pattern matching and heuristics to detect OWASP LLM Top 10's number one threat. Install it via pip, configure it as an MCP server with stdio transport, and it sits between user input and your agent's processing layer. Useful when you're exposing agents to untrusted input or pulling content from external sources that could contain hidden instructions. Part of CSOAI's compliance-focused tooling, so it includes audit logging and documentation aimed at EU AI Act requirements. MIT licensed and production ready.
claude mcp add --transport stdio csoai-org-agent-prompt-injection-firewall-mcp uvx agent-prompt-injection-firewall-mcp