Mcp Watchdog

Name: Mcp Watchdog
Author: io.github.bountyyfi

Put a security proxy in front of your MCP servers to block common agent-tool abuse patterns before they hit production integrations.

Overview

MCP Watchdog is a MCP server for the Ship phase that acts as a security proxy detecting and blocking 40+ classes of MCP attacks with zero-config setup.

What is this MCP server?

MCP security proxy with detection and blocking for 40+ MCP attack classes
Zero-config positioning in registry description—aimed at drop-in stdio wrapping
PyPI package mcp-watchdog v0.1.9 with stdio transport
Sits between your agent client and downstream MCP servers as a guard layer
Focused on MCP protocol abuse, not general network firewalling
Detects and blocks 40+ MCP attack classes (per registry description)
Registry version 0.1.9

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

Every new MCP server you attach is another path for tool poisoning, data exfiltration, and injection—hard to audit one by one as a solo builder.

Who is it for?

Indie builders running several untrusted or community MCP servers who want a stdio proxy guard without building custom policy code.

Skip if: Teams that only need static SAST on repositories, or environments already covered by enterprise MCP gateways with centralized policy.

What do I get? / Deliverables

After routing traffic through Watchdog, risky MCP request patterns can be blocked before they reach your downstream tools.

Proxy layer that evaluates MCP traffic against 40+ attack classes
Blocked or allowed tool calls before they reach inner MCP servers

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Watchdog belongs in ship because you harden tool chains right before or as you expose agents to real data and external APIs. Security subphase fits a proxy that detects and blocks MCP-specific attack classes rather than writing feature code or SEO.

How it compares

MCP traffic security proxy, not a code-review skill or generic vulnerability scanner.

Common Questions / FAQ

Who is io.github.bountyyfi/mcp-watchdog for?

It is for solo developers and small teams that rely on multiple MCP tools and need a lightweight proxy to block MCP-specific attack patterns.

When should I use io.github.bountyyfi/mcp-watchdog?

Use it during ship and security hardening when you connect agents to real data via MCP and want guardrails before going live.

How do I add io.github.bountyyfi/mcp-watchdog to my agent?

Install the PyPI package mcp-watchdog and place it in your MCP stdio chain so agent traffic passes through the proxy to downstream servers.

Mcp Watchdog

Put a security proxy in front of your MCP servers to block common agent-tool abuse patterns before they hit production integrations.

Overview

MCP Watchdog is a MCP server for the Ship phase that acts as a security proxy detecting and blocking 40+ classes of MCP attacks with zero-config setup.