# MCPProxy — Secure MCP Tool Router + Quarantine > MCPProxy is a desktop/CLI proxy for MCP servers: manage upstreams, list tools to save context, and add safety via quarantine and optional Docker isolation. ## Install Merge the JSON below into your `.mcp.json`: ## Quick Use ```bash brew install smart-mcp-proxy/mcpproxy/mcpproxy # Start proxy server (default :8080) and tray UI mcpproxy serve ``` ## Intro If you run many MCP servers, MCPProxy gives you one control plane: start/stop upstreams, inspect tool lists, and add isolation so “tool supply chain” risk is manageable. **Best for:** Power users running multiple MCP servers across clients who want safer routing and easier debugging **Works with:** macOS/Windows/Linux; upstream stdio MCP servers; optional Docker isolation (per README) **Setup time:** 5–15 minutes ### Key facts (verified) - README shows minimal config at `~/.mcpproxy/mcp_config.json` and default data dir `~/.mcpproxy`. - CLI includes upstream management commands like `mcpproxy upstream list/restart/logs` (per README command list). - Starts an HTTP server on :8080 by default (per README quickstart/usage). - GitHub: 213 stars · 24 forks; pushed 2026-05-12 (GitHub API verified). ## Main Treat MCPProxy like an “MCP firewall”: 1. Keep a curated upstream list and disable anything you don’t use. 2. Use `mcpproxy tools list --server=NAME` to validate what tools an upstream actually exposes before trusting it. 3. Turn on Docker isolation for risky stdio servers so they can’t touch your host filesystem by default. 4. Use `doctor` and upstream logs during incidents—debugging is faster when the proxy is the single chokepoint. This is especially useful when you share MCP setups across multiple clients and machines. ### FAQ **Q: Is it only a GUI?** A: No. The README includes a full CLI (`mcpproxy ...`) plus an optional tray UI. **Q: Where is configuration stored?** A: The README shows `~/.mcpproxy/mcp_config.json` as the minimal config path. **Q: Does it help with safety?** A: Yes. The README describes quarantine and Docker isolation modes for upstream servers. ## Source & Thanks > Source: https://github.com/smart-mcp-proxy/mcpproxy-go > License: MIT > GitHub stars: 213 · forks: 24 --- ## 快速使用 ```bash brew install smart-mcp-proxy/mcpproxy/mcpproxy # 启动代理(默认 :8080)与托盘 mcpproxy serve ``` ## 简介 当你要跑很多 MCP server 时,MCPProxy 提供统一控制面:启停上游、检查工具清单、加隔离,让“工具供应链”风险可控。 **最适合:** 同时跑多套 MCP server 的重度用户:希望更安全的路由与更好排障能力 **适配:** macOS/Windows/Linux;上游 stdio MCP servers;可选 Docker 隔离(见 README) **配置时间:** 5–15 分钟 ### 关键事实(已验证) - README 给出最小配置路径 `~/.mcpproxy/mcp_config.json`,默认数据目录 `~/.mcpproxy`。 - README 命令列表包含 `mcpproxy upstream list/restart/logs` 等上游管理能力。 - README Quick Start 表明默认会在 :8080 启动 HTTP server。 - GitHub:213 stars · 24 forks;最近更新 2026-05-12(GitHub API 验证)。 ## 正文 把 MCPProxy 当作“工具防火墙”来用: 1. 上游列表要精简:不用的 server 直接 disable。 2. 用 `mcpproxy tools list --server=NAME` 先核对上游真实暴露的工具,再决定是否信任。 3. 对风险较高的 stdio server,开启 Docker 隔离,默认不让它直接碰宿主机。 4. 事故期间优先看 `doctor` 和 upstream logs:代理是单一入口,排障更快。 当你需要在多个客户端/多台机器共享 MCP 配置时,这个“单点控制面”尤其有价值。 ### FAQ **只有 GUI 吗?** 答:不是。README 同时提供完整 CLI(`mcpproxy ...`)与可选托盘 UI。 **配置存在哪里?** 答:README 显示最小配置路径是 `~/.mcpproxy/mcp_config.json`。 **对安全有帮助吗?** 答:有。README 描述了隔离区与 Docker 隔离等安全模式。 ## 来源与感谢 > Source: https://github.com/smart-mcp-proxy/mcpproxy-go > License: MIT > GitHub stars: 213 · forks: 24 --- Source: https://tokrepo.com/en/workflows/mcpproxy-secure-mcp-tool-router-quarantine Author: MCP Hub