MCP Gateway

A plugin-based MCP gateway that sits between an LLM and other MCP servers, intercepting and sanitizing requests/responses to prevent PII leakage, token/secret exposure, prompt injection attacks, and harmful content — with built-in security scanning of MCP server reputation.

Evaluated Mar 06, 2026 (0d ago) vlatest

Homepage ↗ Repo ↗ Security mcp-gateway security pii-masking prompt-injection mcp-proxy python plugin-based enterprise lasso-security

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

MCP API gateway/proxy. Auth and rate limiting at gateway layer. Gateway sees all tool traffic — high trust requirement. TLS termination at gateway. Audit logs essential.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You are deploying MCP servers in an enterprise context and need a drop-in security layer for PII masking, secret detection, and prompt injection defense without rewriting existing MCP servers.

Avoid When

You want full security coverage (PII + secrets + prompt injection + harmful content) without the Lasso commercial plugin — the open-source plugins only partially cover these cases.

Use Cases

• Adding a security and PII protection layer in front of existing MCP servers without modifying them
• Detecting and blocking prompt injection attempts embedded in MCP tool responses before they reach the LLM
• Auditing and logging MCP tool calls for compliance and observability via the xetrack plugin

Not For

• Simple personal MCP setups where security overhead is unnecessary
• Teams that need full enterprise policy management without Lasso Security's commercial API key (basic/presidio plugins have limited coverage)
• High-throughput production environments where the Python proxy layer adds latency concerns

Interface

REST API

GraphQL

gRPC

MCP Server

Yes

SDK

Webhooks

Authentication

Methods: api_key

OAuth: No Scopes: No

Lasso plugin requires LASSO_API_KEY. The gateway itself has no auth — it relies on the underlying MCP client's auth. xetrack uses path-based config.

Pricing

Model: open_source

Free tier: Yes

Requires CC: No

MIT licensed core; Lasso plugin requires commercial API key for full security coverage.

Agent Metadata

Pagination

none

Idempotent

Yes

Retry Guidance

Not documented

Known Gotchas

⚠ Silent redaction of PII/secrets means agents may receive incomplete tool responses without understanding why — the agent may not realize data was removed
⚠ Full security coverage (prompt injection + harmful content detection) requires the commercial Lasso Security API plugin — open-source plugins only cover PII via Presidio and basic secret patterns
⚠ Security reputation scanner checks MCP servers at gateway load time but does not continuously re-scan — a server compromised after initial startup will not be detected
⚠ Python proxy adds a latency hop for every MCP call — not benchmarked; may be significant for high-frequency tool calls
⚠ The gateway itself has no authentication layer — it relies on the MCP client to be the trust boundary, which may not be appropriate for multi-tenant environments

Alternatives

{'id': 'mcp-gateway-registry', 'reason': 'Registry and discovery layer for MCP servers rather than a security proxy'} {'id': 'guardrails-ai', 'reason': 'More mature guardrails framework for LLM output validation with broader language support'}

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for MCP Gateway.

$99

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.