SPFsmartGATE
AI Gateway — Compiled Rust security enforcement - linux - android - persistent memory - mcp server with mcp tools including api web fetch Free and Open Source.
ActiveNot tested
★ 11GitHub
29DNo CVEsactive
Quick Install
{
"mcpServers": {
"spfsmartgate": {
"command": "<see-readme>",
"args": []
}
}
}No install config available. Check the server's README for setup instructions.
Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Embed in your READMEAbout badges →
[](https://mcppedia.org/s/spfsmartgate)
Should you use this server?
AI Gateway — Compiled Rust security enforcement - linux - android - persistent memory - mcp server with mcp tools including api web fetch Free and Open Source.
✓
Is it safe?
No package registry to scan.
No authentication — any process on your machine can connect.
License not specified.
✓
Is it maintained?
Last commit 1 days ago. 11 stars.
i
Will it work with my client?
Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.
README
SPFsmartGATE
AI Security Gateway — Compiled Rust enforcement between AI agents and your system.
Open Source under MIT License
Certain core inventions (StoneCell Processing Formula, FLINT Memory Router, dynamic LMDB sizing, etc.) are protected by pending or future patents.
See PATENTS.md for details.
Commercial use of patented features may require a separate license agreement.
What Is SPFsmartGATE?
SPFsmartGATE is a compiled Rust security gateway that sits between AI agents and your system. Every tool call from any AI agent must pass through the gate before touching the filesystem, running commands, or accessing the web.
It enforces the StoneCell Processing Formula (SPF) for AI self-governance — a mathematical complexity model that calculates risk, allocates resources, and gates operations in real time.
The gate is compiled into a native binary. There is no runtime configuration bypass. The rules are in the code.
| WHY_SPF.md | Feature highlights and value proposition |
Core Features
Gate Enforcement Pipeline
Every tool call passes through a 5-stage pipeline:
- Rate Limiting — Per-minute operation caps by tool category (write: 60/min, web: 30/min, read: 120/min)
- Complexity Calculation — The SPF formula computes a complexity score C for every operation
- Validation — Build Anchor protocol, write allowlist, path blocking, dangerous command detection
- Content Inspection — Credential detection, path traversal, shell injection scanning
- Max Mode Escalation — Violations escalate to CRITICAL tier instead of blocking, forcing maximum scrutiny
SPF Complexity Formula
C = basic^1 + deps^7 + complex^10 + files * 10
a_optimal(C) = W_eff * (1 - 1 / ln(C + e))
The formula produces a complexity score that determines:
- Tier assignment: SIMPLE, LIGHT, MEDIUM, CRITICAL
- Resource allocation: Analyze vs Build percentage
- Approval requirements: Per-tier escalation policy
Build Anchor Protocol
AI agents must read a file before they can edit or overwrite it. This prevents blind modifications and forces the agent to understand existing code before changing it.
Default-Deny Security
Unknown tools are blocked until explicitly added to the gate allowlist. 55 tools are exposed and allowed through the gate. 8 filesystem tools are hard-blocked at the gate level (registered but denied). Everything else is denied.
SSRF Protection
Full IPv4 and IPv6 validation on all web requests. Blocks loopback, private networks, link-local, cloud metadata endpoints, and IPv4-mapped IPv6 addresses.
Content Inspection
Scans all write operations for:
- Credential patterns (API keys, tokens, private keys)
- Path traversal sequences
- Shell injection patterns
- References to blocked paths
Architecture
SPFsmartGATE uses a 6-database LMDB architecture:
| Database | Size | Purpose |
|---|---|---|
| SESSION | 50 MB | Runtime session persistence |
| CONFIG | 10 MB | Configuration and path rules |
| PROJECTS | 20 MB | Project registry |
| TMP_DB | 50 MB | Metadata tracking and trust |
| AGENT_STATE | 100 MB | Agent memory and sessions |
| SPF_FS | 4 GB | Virtual filesystem (system-only) |
The MCP (Model Context Protocol) server communicates via stdio JSON-RPC 2.0, making it compatible with any MCP client.
Source Modules
src/
├── main.rs — CLI entry point, subcommand dispatch
├── lib.rs — Library root, module declarations, shared types
├── mcp.rs — MCP JSON-RPC 2.0 server, 63 tool handlers
├── gate.rs — 5-stage enforcement pipeline, tool allowlist
├── calculate.rs — SPF complexity formula, tier assignment
├── valida
... [View full README on GitHub](https://github.com/STONE-CELL-SPF-JOSEPH-STONE/SPFsmartGATE#readme)
Test This Server
No automated test available for this server. Check the GitHub README for setup instructions.
Help improve this page
This server is missing a description. Tools and install config are also missing.If you've used it, help the community.
Add informationScore Breakdown
Security
3/30No known vulnerabilities.
○
Known CVEs — No package registry to scan
○
Tool safety — No tools to analyze
○
Tool poisoning — No tools to analyze
○
Injection vectors — No tools to analyze
✓
Tool stability — Tool definitions stable
○
Dependency health — No package to analyze
✗
License — No license specified
○
Authentication — No authentication required
○
Repository — active repo
CVEs checked daily via OSV.dev. Score algorithm is open source.
Reviews
Have you used this server?
Share your experience — it helps other developers decide.
How easy was setup?Did it work reliably?How was the documentation?
Sign in to write a review.
Frequently Asked Questions
- Is SPFsmartGATE safe to use?
- SPFsmartGATE has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
- How do I install SPFsmartGATE?
- SPFsmartGATE can be installed by cloning its GitHub repository and following the setup instructions in the README.
- What AI clients work with SPFsmartGATE?
- SPFsmartGATE is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.
- Is SPFsmartGATE actively maintained?
- SPFsmartGATE is actively maintained — last commit was 1 day ago. It has 11 GitHub stars.
Similar servers
View all →
Memory MCP Server
OfficialNo CVEs98A
Persistent memory using a knowledge graph
5 toolsstdio84.0k81.6k/wk2d ago
Context Mode
No CVEs95A
Privacy-first. MCP is the protocol for tool access. We're the virtualization layer for context.
6 toolsremote7.4k10.0k/wk2d ago
I
Idea Reality MCP Server
No CVEs95A
Pre-build reality check. Scans GitHub, HN, npm, PyPI, Product Hunt — returns 0-100 signal.
1 toolsremote60643.6k/wk3d ago
H
Hash-verified file editing MCP server with token efficiency hook. 11 tools for AI coding agents.
No CVEs95A
Hash-verified file editing MCP server with token efficiency hook. 11 tools for AI coding agents.
5 toolsremote405698.1k/wk1d ago
MCP Security Weekly
Get CVE alerts and security updates for SPFsmartGATE and similar servers.
Discussion
Start a conversation
Ask a question, share a tip, or report an issue.
Has anyone used this with Cursor?How do you handle auth?Any alternatives?
Sign in to join the discussion.