Is Agent Firewall free?

Yes, Agent Firewall is free to use.

How do I install Agent Firewall?

Agent Firewall is a local plugin. Install it using npm package: agent-firewall-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

Is Agent Firewall safe to use?

Agent Firewall was flagged by MCP Marketplace's security scan, scoring 4.2/10 (high risk). It has 3 high or critical findings to review. Review the security report on this page carefully before installing it.

What AI apps work with Agent Firewall?

Agent Firewall uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Agent Firewall MCP Server

by Mlawsonking

SecurityUse Caution4.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Input/output safety for AI agents: prompt-injection scan, URL/IP check, pwned passwords, PII scan.

About

Input/output safety for AI agents: prompt-injection scan, URL/IP check, pwned passwords, PII scan.

Security Report

4.2

Use Caution4.2High Risk

The Agent Firewall/Tools/Package Guard MCP servers are well-structured with appropriate security controls for their intended purpose. They implement SSRF guards, input validation, and deterministic operations without LLM calls. Minor code quality issues (broad exception handling, some missing validation edge cases) and reasonable network/env-var permissions lower the score slightly, but no critical vulnerabilities or malicious patterns are present. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.

8 files analyzed · 13 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

dns_lookup

Check that this permission is expected for this type of plugin.

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-mlawsonking-agent-firewall-mcp": {
      "args": [
        "-y",
        "agent-firewall-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

Agent Tools — deterministic tools for AI agents (MCP + APIs)

A family of deterministic tools that AI agents and developers call constantly — each exposed both as plain HTTP APIs and as an MCP server. No LLM in the loop, no API keys for the free tier, no tracking. Same input → same output. Just reliable, boring, useful tools.

The products

Product	What it does	Install (MCP)	Live demo	Marketplace
Agent Web Tools	10 web utilities: URL→Markdown, metadata, email validate, CSS scrape, RSS, DNS/RDAP/SSL/HTTP/structured-data	`npx -y web-tools-mcp`	agent-tools-api.vercel.app	RapidAPI
Package Guard	Supply-chain guard for coding agents: verify a package exists (catch slopsquat/hallucinations), vulns/malware (OSV), typosquats, audit deps	`npx -y package-guard-mcp`	package-guard.vercel.app	RapidAPI
Agent Firewall	Input/output safety: detect prompt-injection/jailbreak, vet URLs & IPs, pwned-password (HIBP), secret/PII redaction	`npx -y agent-firewall-mcp`	agent-firewall-seven.vercel.app	RapidAPI
Payment Guard	Pre-send risk check for agents that move money: screen a crypto address (or ENS name) / payment URL for OFAC sanctions, scams, and on-chain risk before a transfer	`npx -y payment-guard-mcp`	payment-guard.vercel.app	RapidAPI: pending

All four: deterministic, no LLM, free serverless tier; paid plans via RapidAPI for higher volume. The last three form the AI-agent safety suite: Package Guard (supply chain) · Agent Firewall (input/output) · Payment Guard (money).

Quick start (MCP)

Add any or all to your client's mcpServers config (Claude Desktop, Cursor, Claude Code, …):

{
  "mcpServers": {
    "agent-tools":     { "command": "npx", "args": ["-y", "web-tools-mcp"] },
    "package-guard":   { "command": "npx", "args": ["-y", "package-guard-mcp"] },
    "agent-firewall":  { "command": "npx", "args": ["-y", "agent-firewall-mcp"] },
    "payment-guard":   { "command": "npx", "args": ["-y", "payment-guard-mcp"] }
  }
}

1) Agent Web Tools — 10 web utilities · `web-tools-mcp`

Tool	Endpoint	Returns
`read_url`	`/api/read`	page → clean Markdown (RAG)
`unfurl_url`	`/api/meta`	title/description/image/favicon
`validate_email`	`/api/validate-email`	syntax + MX/A DNS + disposable/role
`extract_web`	`/api/extract`	CSS-selector scrape → JSON
`get_feed`	`/api/feed`	RSS/Atom → JSON items
`dns_lookup`	`/api/dns`	DNS records + SPF/DMARC
`domain_info`	`/api/domain`	RDAP: age, registrar, expiry
`ssl_check`	`/api/ssl`	TLS cert, days-to-expiry, trust
`http_inspect`	`/api/http`	redirect chain + security headers
`structured_data`	`/api/structured`	JSON-LD / schema.org / OpenGraph

Base: https://agent-tools-api.vercel.app. Code: agent-tools-mcp/ + agent-tools-api/.

2) Package Guard — supply-chain guard for coding agents · `package-guard-mcp`

verify_package (the pre-install guard), check_vulns (OSV), package_info, audit_deps, typosquat_scan. Data: OSV.dev + npm/PyPI. Base: https://package-guard.vercel.app. Code: package-guard-mcp/ + package-guard/.

3) Agent Firewall — input/output safety · `agent-firewall-mcp`

scan_content (prompt-injection/jailbreak/obfuscation), scan_secrets (+ PII redaction), check_url, check_ip, check_password (HIBP k-anonymity). Data: HIBP, RDAP, Tor, Team Cymru. Base: https://agent-firewall-seven.vercel.app. Code: agent-firewall-mcp/ + agent-firewall/.

4) Payment Guard — pre-send risk check for agents that move money · `payment-guard-mcp`

screen_address (address/ENS → OFAC-sanctioned? scam? on-chain risk → verdict), screen_payment (x402/ payment URL risk), check_sanctioned (fast OFAC), resolve_name (ENS → address, screened). Data: OFAC SDN + ethereum-lists + ScamSniffer + public RPC + ENS. Chains: ETH/Base/Polygon/Arbitrum/Optimism. Base: https://payment-guard.vercel.app. Code: payment-guard-mcp/ + payment-guard/.

🛡️ Built right

http/https only · DNS-resolved SSRF guard · request timeouts · response size caps · content-type checks. Deterministic — same input, same output. No LLM, no paid data sources. Each API is a serverless function on a free tier; the MCP servers are thin stdio wrappers that call the same endpoints.

License

MIT — see LICENSE. Contributions and tool suggestions welcome.

Reviews

No reviews yet

Be the first to review this server!

More Security MCP Servers

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

MarkItDown

Free

by Microsoft · Content & Media

Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption

Agent Firewall MCP Server

About

Security Report

Findings (13)Action required

Permissions Required

How to Install

Documentation

Agent Tools — deterministic tools for AI agents (MCP + APIs)

The products

Quick start (MCP)

1) Agent Web Tools — 10 web utilities · `web-tools-mcp`

2) Package Guard — supply-chain guard for coding agents · `package-guard-mcp`

3) Agent Firewall — input/output safety · `agent-firewall-mcp`

4) Payment Guard — pre-send risk check for agents that move money · `payment-guard-mcp`

🛡️ Built right

License

Reviews

No reviews yet

More Security MCP Servers

Toleno

mcp-creator-python

MarkItDown

FinAgent

MCP Marketplace

mcp-creator-typescript

Agent Firewall MCP Server

About

Security Report

Findings (13)Action required

Permissions Required

How to Install

Documentation

Agent Tools — deterministic tools for AI agents (MCP + APIs)

The products

Quick start (MCP)

1) Agent Web Tools — 10 web utilities · web-tools-mcp

2) Package Guard — supply-chain guard for coding agents · package-guard-mcp

3) Agent Firewall — input/output safety · agent-firewall-mcp

4) Payment Guard — pre-send risk check for agents that move money · payment-guard-mcp

🛡️ Built right

License

Reviews

No reviews yet

More Security MCP Servers

Toleno

mcp-creator-python

MarkItDown

FinAgent

MCP Marketplace

mcp-creator-typescript

1) Agent Web Tools — 10 web utilities · `web-tools-mcp`

2) Package Guard — supply-chain guard for coding agents · `package-guard-mcp`

3) Agent Firewall — input/output safety · `agent-firewall-mcp`

4) Payment Guard — pre-send risk check for agents that move money · `payment-guard-mcp`