A security middleware layer that sits between Claude and your MCP servers to block prompt injections, redact PII, and prevent runaway API costs. It uses Meta's PromptGuard locally to score tool arguments for adversarial patterns, Microsoft Presidio to mask sensitive data in responses, and token-bucket limits to kill infinite loops before they drain your budget. It adds RBAC for tools, schema validation on arguments, and audit logs with structured deny reasons. It ships as Python middleware that hooks into standard MCP JSON-RPC traffic, with a claimed sub-5 ms overhead. It is designed for enterprises running MCP servers against production databases or APIs, where a single malicious prompt or agent hallucination could leak customer data or rack up five-figure LLM bills.
claude mcp add --transport stdio vaquarkhan-mcp-bastion -- npx -y @mcp-bastion/core