Is io.github.egoughnour/code-firewall-mcp safe to use?

io.github.egoughnour/code-firewall-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.egoughnour/code-firewall-mcp?

io.github.egoughnour/code-firewall-mcp can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with io.github.egoughnour/code-firewall-mcp?

io.github.egoughnour/code-firewall-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is io.github.egoughnour/code-firewall-mcp actively maintained?

io.github.egoughnour/code-firewall-mcp is less actively maintained — last commit was 132 days ago.

io.github.egoughnour/code-firewall-mcp

Structural similarity-based code filter. Stops malicious code pattern reaching execution tools.

0 tools GitHub

No known CVEs

No license

Maintained

Last commit 132d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-egoughnour-code-firewall-mcp": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-egoughnour-code-firewall-mcp)](https://mcppedia.org/s/io-github-egoughnour-code-firewall-mcp)

Read me

What io.github.egoughnour/code-firewall-mcp does

A structural similarity-based code security filter for MCP (Model Context Protocol). Blocks dangerous code patterns before they reach execution tools by comparing code structure against a blacklist of known-bad patterns.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

28/100across 5 weighted dimensions

How we score →

0255075100

−72

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.egoughnour/code-firewall-mcp safe to use?: io.github.egoughnour/code-firewall-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.egoughnour/code-firewall-mcp?: io.github.egoughnour/code-firewall-mcp can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.egoughnour/code-firewall-mcp?: io.github.egoughnour/code-firewall-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is io.github.egoughnour/code-firewall-mcp actively maintained?: io.github.egoughnour/code-firewall-mcp is less actively maintained — last commit was 132 days ago.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for io.github.egoughnour/code-firewall-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-egoughnour-code-firewall-mcp": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-egoughnour-code-firewall-mcp)](https://mcppedia.org/s/io-github-egoughnour-code-firewall-mcp)

Read me

What io.github.egoughnour/code-firewall-mcp does

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

Code Firewall MCP

How It Works

flowchart LR
    A[Code<br/>file/string] --> B[Parse & Normalize<br/>tree-sitter]
    B --> C[Embed<br/>Ollama]
    C --> D{Similarity Check<br/>vs Blacklist}
    D -->|≥ threshold| E[🚫 BLOCKED]
    D -->|< threshold| F[✅ ALLOWED]
    F --> G[Execution Tools<br/>rlm_exec, etc.]

    style E fill:#ff6b6b,color:#fff
    style F fill:#51cf66,color:#fff
    style D fill:#339af0,color:#fff

Parse code to Concrete Syntax Tree (CST) using tree-sitter
Normalize by stripping identifiers and literals → structural skeleton
Embed the normalized structure via Ollama
Compare against blacklisted patterns in ChromaDB
Block if similarity exceeds threshold, otherwise allow

Key Insight

Code patterns like os.system("rm -rf /") and os.system("ls") have identical structure. By normalizing away the specific commands/identifiers, we can detect dangerous patterns regardless of the specific arguments used.

Security-sensitive identifiers are preserved during normalization (e.g., eval, exec, os, system, subprocess, Popen, shell) to ensure embeddings remain discriminative for dangerous patterns.

Installation

Quick Start

Option 1: PyPI (Recommended)

uvx code-firewall-mcp
# or
pip install code-firewall-mcp

Option 2: Claude Desktop One-Click

Download the .mcpb from Releases and double-click to install.

Option 3: From Source

git clone https://github.com/egoughnour/code-firewall-mcp.git
cd code-firewall-mcp
uv sync

Wire to Claude Code / Claude Desktop

Add to ~/.claude/.mcp.json (Claude Code) or claude_desktop_config.json (Claude Desktop):

{
  "mcpServers": {
    "code-firewall": {
      "command": "uvx",
      "args": ["code-firewall-mcp"],
   

... [View full README on GitHub](https://github.com/egoughnour/code-firewall-mcp#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

28/100across 5 weighted dimensions

How we score →

0255075100

−72

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.egoughnour/code-firewall-mcp safe to use?: io.github.egoughnour/code-firewall-mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.egoughnour/code-firewall-mcp?: io.github.egoughnour/code-firewall-mcp can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.egoughnour/code-firewall-mcp?: io.github.egoughnour/code-firewall-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is io.github.egoughnour/code-firewall-mcp actively maintained?: io.github.egoughnour/code-firewall-mcp is less actively maintained — last commit was 132 days ago.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Mcpki Server92

mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).

MCP Security Weekly

Get CVE alerts and security updates for io.github.egoughnour/code-firewall-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?