mcp

package
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 20, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package mcp implements RiskKernel's MCP gateway: a JSON-RPC reverse proxy that sits in front of an upstream MCP server and governs tools/call. Every other MCP method is forwarded transparently; tools/call is intercepted to enforce a per-tool allowlist, route side-effecting tools through the deterministic approval gate, and record an auditable tool_call. Point your MCP client at this gateway instead of the real server — the governance is invisible to allowed, approved calls.

Index

Constants

View Source 
const HeaderRunID = "X-RiskKernel-Run-Id"

HeaderRunID groups MCP calls into a governed run (same header as the proxy).

Variables

This section is empty.

Functions

This section is empty.

Types

type Gateway 

type Gateway struct {
	// contains filtered or unexported fields
}

Gateway governs MCP tools/call in front of an upstream MCP server.

func New 

func New(upstream string, allowlist, readonly []string, gate *approval.Gate,
	mgr *runs.Manager, store storage.Store, tracer *otel.Tracer, approvalTimeout time.Duration, log *slog.Logger) *Gateway

New constructs an MCP gateway. upstream must be non-empty.

func (*Gateway) Register 

func (g *Gateway) Register(mux *http.ServeMux, mw Middleware)

Register mounts the gateway at POST /mcp.

type Middleware 

type Middleware func(http.HandlerFunc) http.HandlerFunc

Middleware wraps a handler (e.g. with auth).

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.