Secure Claude's MCP tool calls
McpVanguard adds a deterministic security boundary for Claude Desktop MCP traffic routed through the proxy, applying configured checks before the selected tool call reaches the server.
Prompt injection defense
Deterministic rules inspect configured patterns in routed tool arguments before Claude's request reaches the MCP server.
Safe zone enforcement
Configure filesystem safe zones, network-destination rules, and tool policies for the profile you deploy.
Structured audit log
Routed decisions can emit structured audit events with the applicable rule, outcome, and timestamp.
Set up in 3 steps
No changes to Claude Desktop or your MCP server code. McpVanguard wraps the server.
Install McpVanguard
pip install mcp-vanguard
Wrap your MCP server
vanguard start \ --profile balanced \ --server npx @modelcontextprotocol/server-filesystem /path
Point Claude Desktop at the proxy
# claude_desktop_config.json
{
"mcpServers": {
"filesystem": {
"command": "vanguard",
"args": ["start", "--profile",
"balanced", "--server",
"npx", "@modelcontextprotocol/server-filesystem",
"/path/to/files"]
}
}
}Common questions
How do I add MCP security to Claude Desktop?
Install McpVanguard via pip (pip install mcp-vanguard), then update your Claude Desktop config to route the MCP tool calls you want inspected through the proxy. McpVanguard wraps existing MCP servers without requiring changes to Claude or the server implementation.
How does McpVanguard reduce prompt-injection impact in Claude Desktop?
McpVanguard can reduce prompt-injection impact at the execution boundary by applying configured deterministic checks to MCP tool calls routed through the proxy. It is not a universal model or client-level prompt-injection guarantee.
Does McpVanguard support Claude Desktop's local MCP servers?
Yes. McpVanguard supports both stdio (local process) and SSE (hosted) MCP servers. The stdio mode is specifically designed for wrapping local MCP servers like those used by Claude Desktop.
Stay ahead of agentic threats
Follow our latest research on MCP vulnerabilities, defensive architecture, and verifiable execution. We publish updates on the site and in the RSS feed.