8000 GitHub - semcp/policy-mcp-rs: A capability-based policy for MCP servers
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

semcp/policy-mcp-rs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.github
.github
 
 
examples
examples
 
 
src
src
 
 
testdata
testdata
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

A Rust Crate for MCP Capability Policies

A Rust crate for parsing and manipulating MCP (Model Context Protocol) server capability policy files.

Basic Usage

use policy_mcp::{PolicyParser, PolicyDocument};

let policy = PolicyParser::parse_file("policy.yaml")?;
println!("Policy version: {}", policy.version);

Policy Structure

Basic YAML format:

version: "1.0"
description: "My policy"
permissions:
  storage:
    allow:
    - uri: "fs://work/agent/**"
      access: ["read", "write"]
  network:
    allow:
    - host: "api.example.com"

Storage Permissions

storage:
  allow:
    - uri: "fs://work/agent/**"
      access: ["read", "write"]
    - uri: "fs://work/temp/*"
      access: ["read"]

Network Permissions

network:
  allow:
    - host: "api.service.com"
    - host: "*.internal.com"
    - cidr: "10.0.0.0/8"

Environment Variables

environment:
  allow:
    - key: "PATH"
    - key: "HOME"

Docker Runtime

runtime:
  docker:
    security:
      privileged: false
      capabilities:
        drop: ["ALL"]
        add: ["NET_BIND_SERVICE"]

About

A capability-based policy for MCP servers

Topics

security mcp policy capability mcp-server

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages
0