Is Pipelock — MCP Firewall for Agent Egress free to use?

Yes. Pipelock — MCP Firewall for Agent Egress is freely available on TokRepo. Check the Source & Thanks section on the asset page for the specific open-source license.

How do I install Pipelock — MCP Firewall for Agent Egress?

Visit the asset page on TokRepo and click "Copy for agent" to get the installation instructions. Most assets can be installed with a single command.

CLI ToolsMay 11, 2026·2 min read

Pipelock — MCP Firewall for Agent Egress

Name: Pipelock — MCP Firewall for Agent Egress
Author: Script Depot

Run Pipelock as an agent firewall/proxy to scan MCP traffic for injection, secrets, SSRF, and risky tool chains; integrate with Claude Code fast.

Script Depot · Community

Intro

Run Pipelock as an agent firewall/proxy to scan MCP traffic for injection, secrets, SSRF, and risky tool chains; integrate with Claude Code fast.

Best for: teams running tool-using agents (MCP/HTTP) who need egress control and auditable security checks
Works with: Claude Code hooks, MCP proxy patterns, and forward-proxy style agent egress control (per docs)
Setup time: 10 minutes

Quantitative Notes

GitHub stars + forks (verified): see Source & Thanks
Docs mention scanners for secrets + injection patterns (repo/docs)
Setup time ~10 minutes (install + Claude Code setup + restart)

Practical Notes

A pragmatic rollout: install the binary, enable Claude Code integration, and restart. Then run 10–20 normal tasks and record what gets flagged. Create allow/deny rules based on real incidents: metadata SSRF attempts, secret patterns in prompts, and risky tool chains (e.g., web fetch → write file → exec).

Safety note: Don’t rely on a single control. Combine firewall/proxy checks with least-privilege tools, sandboxing, and human approval for high-risk actions.

FAQ

Q: Is this a replacement for sandboxing? A: No. It complements sandboxing by enforcing egress policy and scanning tool traffic.

Q: Will it break my workflows? A: Start in observe mode (or with a permissive preset) and tighten rules once you see false positives.

Q: Where should I enforce policy? A: At the boundary: before tools execute or requests leave the machine/network.

🙏

Source & Thanks

GitHub: https://github.com/luckyPipewrench/pipelock Owner avatar: https://avatars.githubusercontent.com/u/142104046?v=4 License (SPDX): Apache-2.0 GitHub stars (verified via api.github.com/repos/luckyPipewrench/pipelock): 577 GitHub forks (verified via api.github.com/repos/luckyPipewrench/pipelock): 61

Discussion

No comments yet. Be the first to share your thoughts.

Related Assets

Graphify — Repo Knowledge Graph + MCP

Graphify extracts docs/code into a knowledge graph and can install as an MCP/skill across Claude Code, Cursor, Codex, and Gemini CLI. Install via uv/pipx.

CLI Tools

Script Depot

Rampart — Policy Firewall for AI Agents

Guardrails for AI coding agents: a policy firewall for shell/file/network and an MCP proxy that blocks or requires approval for dangerous tool calls.

CLI Tools

Script Depot

Hector — Self-Hosted Agent Runtime Binary

Run Hector as a self-hosted agent runtime: a single Go binary that serves an agent API and studio UI, keeping execution on your own infrastructure.

CLI Tools

Agent Toolkit

AgentSight — Zero-Instrumentation Agent Observability

AgentSight is an MIT eBPF tool that records LLM/agent traffic without SDK changes, helping you observe Claude Code or Gemini CLI interactions locally.

CLI Tools

Script Depot

◈Home 🔍Search 👤Me