Code Firewall Mcp

Name: Code Firewall Mcp
Author: egoughnour

egoughnour/code-firewall-mcp

Intercept agent-generated code before shell or script execution by blocking snippets that structurally match known malicious patterns.

Overview

Code Firewall MCP is a MCP server for the Ship phase that blocks agent-proposed code from reaching execution tools when it is structurally similar to known malicious patterns.

What is this MCP server?

Structural similarity filter with configurable block threshold (default SIMILARITY_THRESHOLD 0.85)
Local Ollama embeddings (default model nomic-embed-text) plus FIREWALL_DATA_DIR for ChromaDB persistence
stdio MCP via PyPI package code-firewall-mcp or MCPB bundle v0.7.0
Stops malicious code patterns before they reach execution-oriented agent tools
Tunable OLLAMA_URL for offline or LAN embedding inference
Server version 0.7.0
Default EMBEDDING_MODEL nomic-embed-text

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

Coding agents can suggest or run shell and script payloads that look fine in chat but match exploit templates you never spot in time.

Who is it for?

Solo builders running stdio MCP with local Ollama who want an embedding-based pre-execution filter on agent-generated code.

Skip if: Teams that need enterprise WAF, signed binary allowlists only, or security review with no local Ollama or ChromaDB footprint.

What do I get? / Deliverables

After you wire it into your MCP stack, high-similarity risky snippets are rejected locally before your execution tools run them.

stdio MCP tool that scores and blocks structurally similar risky code
Persistent local pattern store under FIREWALL_DATA_DIR
Configurable similarity block threshold (0–1)

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Sits on the path between LLM output and run tools, which is a ship-time safety gate rather than feature build work. Uses embedding similarity against a local ChromaDB corpus so risky code never reaches execution MCP tools.

How it compares

MCP execution gate with vector similarity, not a traditional IDE linter or cloud SOAR playbook.

Common Questions / FAQ

Who is Code Firewall MCP for?

Indie and solo developers using AI coding agents with MCP execution tools who want a local semantic filter before code runs.

When should I use Code Firewall MCP?

Use it during ship and security hardening whenever agents can propose or invoke shell, script, or codegen tools against your machine.

How do I add Code Firewall MCP to my agent?

Install code-firewall-mcp from PyPI or the v0.7.0 MCPB bundle, set FIREWALL_DATA_DIR and OLLAMA_URL, register the stdio server in Claude Code, Cursor, or Codex MCP config, then tune SIMILARITY_THRESHOLD.