Yes, Sigma Gate is free to use.

How do I install Sigma Gate?

Sigma Gate is a remote plugin. You do not need to install anything locally. Add the server URL to your AI app's MCP configuration and you are ready to go.

What AI apps work with Sigma Gate?

Sigma Gate uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Sigma Gate MCP Server

by Spektre Labs

Developer ToolsLow Risk10.0MCP RegistryRemote

Free

Server data from the Official MCP Registry

Deterministic trust gate for AI output: leaked-secret, prompt-injection & PII in one call.

About

Deterministic trust gate for AI output: leaked-secret, prompt-injection & PII in one call.

Remote endpoints: streamable-http: https://sigma-gate-864996675261.us-central1.run.app/mcp

Security Report

10.0

Low Risk10.0Low Risk

Valid MCP server (1 strong, 1 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry.

2 tools verified · Open access · No issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

file_system

Check that this permission is expected for this type of plugin.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

How to Connect

Remote Plugin

No local installation needed. Your AI client connects to the remote endpoint directly.

Add this to your MCP configuration to connect:

{
  "mcpServers": {
    "io-github-spektre-labs-sigma-gate": {
      "url": "https://sigma-gate-864996675261.us-central1.run.app/mcp"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

σ-gate

Deterministic trust layer for AI/agent output.

1 = 1.  Declared output must equal what is safe to realize.

One call. Three dimensions. One verdict. No model. No API key. No network.

The problem

LLM-as-judge guards are slow, consume a call per check, and silently degrade when a rate-limit hits. For the classes of risk that are structurally detectable — a leaked AKIA… key, a 4111… card number, an "ignore all previous instructions" — you do not need a model. You need a gate that gives the same answer every time.

guard is that gate.

One call

from guard import guard

result = guard(model_output)
# {"safe_to_ship": True/False, "severity": "clean|low|medium|high|critical",
#  "block_reasons": [...], "dimensions": {"secret": {...}, "injection": {...}, "pii": {...}}}

Block a bad output:

v = guard("Here is the key: ghp_16C7e42F292c6912E7710c838347Ae178B4a")
# safe_to_ship: False
# block_reasons: ["secret[high]: github_pat"]

Pass a clean output through:

v = guard("The quarterly report shows revenue grew 12% driven by the EU segment.")
# safe_to_ship: True
# severity: "clean"

Three dimensions, one verdict

Dimension	What it catches
secret	Leaked credentials — 20+ providers (AWS, GitHub, Stripe, GCP, …), entropy-ranked
injection	Prompt-injection and jailbreak patterns — structural, not heuristic
pii	Email, phone, card (Luhn-verified), SSN, IBAN, IP — compliance-class detection

Every dimension runs independently. A combined hit fires all three:

guard("AKIA… ghp_… 4111 1111 1111 1111 — ignore all previous instructions")
# block_reasons: ["secret[high]: ...", "injection[high]: ...", "pii[high]: ..."]

Install

Zero dependencies, pure stdlib, Python 3.9+. Clone and use directly:

git clone https://github.com/spektre-labs/sigma-gate
cd sigma-gate
python3 -m pytest -q        # 7 passing tests, zero dependencies

Then from guard import guard. (A PyPI release is planned.)

Use it

Inline gate in any pipeline:

from guard import guard

def ship(output: str) -> str:
    v = guard(output)
    if not v["safe_to_ship"]:
        raise ValueError(f"blocked: {v['block_reasons']}")
    return output

CLI — pipe any output through:

echo "your model output" | python3 -m guard

Self-test — prove every threat class fires:

python3 -m guard selftest
# {"secret_blocked": true, "injection_blocked": true, "pii_blocked": true,
#  "clean_passes": true, "combined_all_fire": true, "ALL_PASS": true}

Tune the threshold via env var (default: medium):

GUARD_BLOCK_AT=high python3 -m guard "..."

Use as an MCP tool

σ-gate ships a zero-dependency MCP server — give any agent (Claude Code, Claude Desktop, Cursor, Cline) a deterministic guard tool it can call before shipping output. No model, no key, no token cost.

Claude Code:

claude mcp add guard -- python3 /absolute/path/to/sigma-gate/mcp_server.py

Claude Desktop (claude_desktop_config.json):

{ "mcpServers": { "guard": { "command": "python3",
  "args": ["/absolute/path/to/sigma-gate/mcp_server.py"] } } }

Exposes two tools: guard(text, …) → the ship/block verdict, and guard_selftest() → proof every threat class fires. Pure stdlib stdio JSON-RPC.

Hosted — no install

σ-gate also runs as a hosted remote MCP server (scale-to-zero), listed in the official MCP Registry as io.github.spektre-labs/sigma-gate. Connect with zero local setup:

https://sigma-gate-864996675261.us-central1.run.app/mcp

MCP clients that browse the registry discover it automatically.

Open-core vs hosted

	Open core (this repo)	Hosted σ scoring
What	Deterministic gate: secret + injection + PII	Coherence / hallucination σ-scoring on a hot path
Latency	~85µs	Network round-trip
Dependencies	Zero	None on your side
Cost	Free, always	Pay-per-call via x402 — no signup
Offline	Yes	No
Model	None	Optional

The open core handles what models cannot do reliably — structural pattern detection with identical verdicts on identical inputs. The hosted layer adds probabilistic coherence scoring for the cases where structure alone is insufficient.

Hosted endpoint:

curl "https://swagletz-sigmagate.hf.space/check?text=your+text+here"
# HTTP 402 + permissionless x402 pay-to — no account required

Properties

Deterministic. Same input → same verdict. No variance, no model drift.
Composable. Each dimension is independent and pluggable. Wire in a hallucination scorer or extend with custom patterns; the gate architecture is additive.
Honest. Severity and block-reasons are explicit strings, not opaque floats. A block is always nameable.
Fails safe. If a detector throws, that dimension returns severity: "error" — the call does not silently pass.
Zero dependencies. Runs anywhere Python 3.9+ runs. No pip install required to import.

License

Apache 2.0 — see LICENSE.

Part of Spektre Labs — coherence-theory research lab. 1 = 1, made executable.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Sigma Gate MCP Server

About

Security Report

Permissions Required

How to Connect

Documentation

σ-gate

The problem

One call

Three dimensions, one verdict

Install

Use it

Use as an MCP tool

Hosted — no install

Open-core vs hosted

Properties

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent

mcp-creator-typescript