Redaction & Compliance MCP Server

Redaction & Compliance MCP Server

Provides a pre-flight/post-flight firewall for LLM calls with comprehensive detection, classification, policy enforcement, reversible redaction, output safety, and immutable audit logging.

Category
访问服务器

README

Redaction & Compliance MCP Server

Production-Ready Edition | Version 2.0

This repository contains a production-grade implementation of a Redaction & Compliance Model Context Protocol (MCP) server. It provides a pre-flight / post-flight firewall for LLM calls with comprehensive detection, classification, policy enforcement, reversible redaction, selective detokenization, output safety, and immutable audit logging.

✨ Features

🎯 Core Capabilities

  • 🔄 Streaming Support: Real-time streaming for OpenAI, Claude, and Gemini with chunk-by-chunk detokenization
  • 🛡️ Claim Verification: Research-based hallucination detection with inline warnings (supports local models)
  • 🚀 Transparent Proxy: Zero-code integration - just change your API base URL
  • 📊 Production-Grade: NGINX, HTTPS, SIEM integration, Redis backend, systemd service

🔍 Advanced Detection

  • Multi-cloud credentials: AWS (AKID, secrets), Azure (Storage Keys, SAS tokens, Connection Strings), GCP (API keys, OAuth)
  • OAuth & Bearer tokens: JWT detection, OAuth access tokens
  • Crypto keys: PEM (RSA, DSA, EC), PKCS#12, Kubernetes config/tokens
  • PII with validation:
    • Credit cards with Luhn checksum validation
    • SSN with format validation (rejects invalid area codes 000, 666, 900-999)
    • Email addresses and phone numbers
  • Internal infrastructure: Joby Aviation domains (*.na.joby.aero, *.az.joby.aero), IP addresses, hostnames
  • Export control: Aviation keywords (eVTOL, ITAR, FAA certification, flight control systems, propulsion)

🛡️ Policy Engine

  • Geo/region constraints: US, EU, APAC, restricted regions (CN, RU, IR, KP, SY)
  • Caller-based routing: Trusted caller lists, per-caller detokenization permissions
  • Data residency: EU GDPR compliance, region-specific model routing
  • Category actions: block, redact, internal_only, allow
  • Version tracking: Policy version embedded in all decisions

🔐 Token Store

  • In-memory: Fast, stateless, for dev/test
  • Redis with AES-GCM: Production-grade with encryption at rest
    • AES-256-GCM encryption
    • PBKDF2 key derivation
    • Automatic TTL management
  • Deterministic placeholders: «token:TYPE:HASH4» stable within conversation scope

⚠️ Output Safety

  • 50+ dangerous command patterns: Filesystem destruction, system control, K8s/Docker, databases, cloud infra, network/firewall
  • External config support: JSON-based custom pattern loading
  • 3 modes: warning (annotate), block (redact), silent (pass-through)

📊 Audit & Compliance

  • Append-only JSONL: Immutable audit trail
  • Full context capture: Caller, region, categories, decisions, redaction counts
  • Query API: Search and retrieve audit records
  • SIEM integration: Real-time shipping to Splunk, Elasticsearch, Datadog, Syslog
  • Buffered shipping: <5% overhead, batch mode for production

🚀 Production Installation (5 Minutes)

Automated installer with NGINX, HTTPS, and Client SDK:

# On your Linux server (Ubuntu 20.04+ or RHEL 8+)
wget https://raw.githubusercontent.com/sunkencity999/redaction-compliance-MCP/main/install.sh
chmod +x install.sh
sudo ./install.sh

What it does:

  • ✅ Installs all dependencies (Python 3.11, Redis, NGINX)
  • ✅ Generates cryptographic secrets (you backup them)
  • ✅ Configures SIEM integration (Splunk/Elasticsearch/Datadog)
  • ✅ Sets up NGINX reverse proxy with HTTPS (Let's Encrypt or self-signed)
  • ✅ Creates systemd service (auto-start on boot)
  • ✅ Installs Python Client SDK
  • ✅ Creates integration examples
  • ✅ Runs full test suite (186+ tests)

Manual installation: See QUICKSTART.md


📦 Client SDKs

Python SDK

Seamless integration for Python/backend applications:

# Install SDK (included in automated installer)
pip install -e .

Usage:

from mcp_client import MCPClient, MCPConfig

# Configure once
mcp = MCPClient(MCPConfig(
    server_url="https://mcp.yourcompany.com",
    caller="your-app-name"
))

# Protect LLM calls automatically
user_input = "My AWS key is AKIAIOSFODNN7EXAMPLE, help me debug"

# Redact before sending to LLM
sanitized, handle = mcp.redact(user_input)
# sanitized: "My AWS key is «token:SECRET:a3f9», help me debug"

# Send sanitized version to OpenAI/Claude/etc
llm_response = your_llm_function(sanitized)

# Restore non-secret tokens
final = mcp.detokenize(llm_response, handle)

# Secrets stay tokenized, PII/ops_sensitive restored!

Or use the convenience wrapper:

from mcp_client import MCPClient, MCPConfig

mcp = MCPClient(MCPConfig.from_env())

# One-line protection
response = mcp.safe_llm_call(
    user_input,
    lambda text: openai.ChatCompletion.create(
        model="gpt-4",
        messages=[{"role": "user", "content": text}]
    ).choices[0].message.content
)

Examples: See examples/ directory after installation


JavaScript/Browser SDK

For web applications, React, Vue, Angular:

<!-- Include SDK -->
<script src="mcp_client_js/mcp-client.js"></script>

<script>
// Initialize client
const mcp = new MCPClient({
    serverUrl: 'https://mcp.yourcompany.com',
    caller: 'web-app'
});

// Protect browser-based LLM calls
async function safeChatCompletion(userInput) {
    const response = await mcp.safeLLMCall(
        userInput,
        async (sanitized) => {
            // Call OpenAI/Claude from browser
            return await callYourLLM(sanitized);
        }
    );
    return response;
}
</script>

React Example:

import { MCPClient } from './mcp-client.js';

const mcp = new MCPClient({
    serverUrl: process.env.REACT_APP_MCP_SERVER,
    caller: 'react-app'
});

function ChatComponent() {
    const handleSubmit = async (input) => {
        try {
            const response = await mcp.safeLLMCall(input, callOpenAI);
            setMessages(prev => [...prev, response]);
        } catch (error) {
            if (error instanceof MCPBlockedError) {
                alert('Request blocked: contains sensitive data');
            }
        }
    };
    // ... rest of component
}

TypeScript supported: See mcp_client_js/mcp-client.d.ts

Examples: See mcp_client_js/examples/ for browser and React demos


🔄 Transparent Proxy Mode (NEW!)

Zero-code integration for existing OpenAI/Claude/Gemini apps:

Just change your API base URL and MCP automatically protects all calls!

import openai

# Change this one line:
openai.api_base = "https://mcp.yourcompany.com/v1"

# Your existing code works unchanged!
response = openai.ChatCompletion.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "My AWS key is AKIA..."}]
)
# MCP automatically redacts before OpenAI sees it!

Supported Providers:

  • OpenAI (/v1/chat/completions) - Streaming supported
  • Claude (/v1/messages) - Streaming supported
  • Gemini (/v1/models/{model}:generateContent) - Streaming supported

Features:

  • ✅ Real-time streaming with chunk-by-chunk detokenization
  • ✅ Optional claim verification (hallucination detection)
  • ✅ Local model support (vLLM, Ollama, FastAPI)
  • ✅ Automatic redaction + detokenization
  • ✅ Full audit trail in SIEM

Setup:

# In .env file
PROXY_MODE_ENABLED=true
CLAIM_VERIFICATION_ENABLED=false  # Optional
DETOKENIZE_TRUSTED_CALLERS=openai-proxy,claude-proxy,gemini-proxy

Full Guides:

  • TRANSPARENT_PROXY.md - Proxy mode documentation
  • CLAIM_VERIFICATION.md - Hallucination detection guide

🛡️ Claim Verification (Hallucination Detection)

Optional post-processing layer to verify factual accuracy of LLM responses:

Using a research-based approach, this feature analyzes LLM responses through a 4-stage pipeline to detect and flag potential hallucinations and false claims.

# Enable in .env
CLAIM_VERIFICATION_ENABLED=true
CLAIM_VERIFICATION_MODEL=gpt-4o-mini  # Or local model

# Use any LLM normally via transparent proxy
response = openai.ChatCompletion.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "What was Argentina's inflation in 2023?"}]
)

# If LLM hallucinates a wrong number, you'll see:
print(response.choices[0].message.content)
# "Argentina's inflation reached 300% in 2023."
# ⚠️ **[CLAIM FLAGGED - HIGH CONFIDENCE]**: This claim is likely false. 
# Evidence suggests Argentina's inflation was approximately 211% in 2023.

4-Stage Verification Pipeline:

  1. Sentence Splitting - Break response into sentences with context
  2. Selection - Filter to verifiable factual claims
  3. Disambiguation - Resolve or flag ambiguous statements
  4. Decomposition - Extract atomic, standalone claims
  5. Verification - Fact-check each claim with confidence scores

Output Modes:

  • Inline Warnings: 🚨 High, ⚠️ Medium, ℹ️ Low confidence flags added to text
  • Metadata: Full verification details in mcp_verification response field
  • No Blocking: Users always see full response + warnings (inform, don't censor)

Local Model Support:

# Use vLLM, Ollama, or FastAPI locally (no API fees, full privacy)
CLAIM_VERIFICATION_BASE_URL=http://localhost:8000/v1
CLAIM_VERIFICATION_MODEL=meta-llama/Meta-Llama-3.1-8B-Instruct
CLAIM_VERIFICATION_REQUIRE_AUTH=false  # No authentication needed

Use Cases:

  • Technical/Engineering - Verify calculations, formulas, specifications
  • Scientific - Fact-check research claims, data, constants
  • Financial - Validate statistics, market data, economic claims
  • Medical - Verify dosages, symptoms, treatments (strict mode)

Performance:

  • Latency: ~500-1000ms per response (cloud) or ~300ms (local)
  • Cost: ~$0.0003/response with gpt-4o-mini, $0 with local models
  • Caching: ~80% hit rate reduces both latency and cost

Full Guide: See CLAIM_VERIFICATION.md for complete setup, configuration, and examples.


🌐 API Endpoints (REST)

Core MCP Endpoints:

  • GET /health → server health check
  • POST /classify → classify payload sensitivity
  • POST /redact → sanitize payload, return token_map_handle
  • POST /detokenize → reinject allowed tokens (trusted clients only)
  • POST /route → produce an execution plan (internal/external, redaction steps)
  • POST /audit/query → simple audit search

Transparent Proxy Endpoints (when PROXY_MODE_ENABLED=true):

  • POST /v1/chat/completions → OpenAI-compatible proxy
  • POST /v1/messages → Claude-compatible proxy
  • POST /v1/models/{model}:generateContent → Gemini-compatible proxy

Full API documentation: See mcp_redaction/models.py for request/response schemas.

Policy

Edit mcp_redaction/sample_policies/default.yaml. Hot-reload on change is supported (watcher optional).

Stdio / JSON-RPC (MCP) Adapter

See mcp_redaction/stdio_adapter.py for a minimal adapter skeleton you can mount under an agent runtime.

Testing

pytest -q

Production Hardening

  • Run behind mTLS and identity-aware proxy
  • Use Redis (or KV with envelope encryption) for token maps
  • Ship audit logs to SIEM (Splunk/ELK); rotate JSONL files
  • Add OPA/Gatekeeper check on detokenize categories
  • Extend detectors (NER, export-control classifier), add OCR for attachments
  • Enforce geo-routing and model-allow lists in policy.yaml

推荐服务器

Baidu Map

Baidu Map

百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。

官方
精选
JavaScript
Playwright MCP Server

Playwright MCP Server

一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。

官方
精选
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。

官方
精选
本地
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。

官方
精选
本地
TypeScript
VeyraX

VeyraX

一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。

官方
精选
本地
graphlit-mcp-server

graphlit-mcp-server

模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。

官方
精选
TypeScript
Kagi MCP Server

Kagi MCP Server

一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。

官方
精选
Python
e2b-mcp-server

e2b-mcp-server

使用 MCP 通过 e2b 运行代码。

官方
精选
Neon MCP Server

Neon MCP Server

用于与 Neon 管理 API 和数据库交互的 MCP 服务器

官方
精选
Exa MCP Server

Exa MCP Server

模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。

官方
精选