Skip to content

Feature/mcp guardrail cyborg #3184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 11 commits into
base: feature/mcp-threat-cyborg
Choose a base branch
from
Open

Feature/mcp guardrail cyborg #3184

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
99d4b4a
making guardrail part of libs
shivam-rawat-akto Sep 16, 2025
f9cfc7a
making guardrail part of libs
shivam-rawat-akto Sep 16, 2025
761c460
updated go.mod and main.go
shivam-rawat-akto Sep 17, 2025
80c26ae
updated go version
shivam-rawat-akto Sep 17, 2025
82c6410
guardrails templates
shivam-rawat-akto Sep 17, 2025
266bcdb
Merge remote-tracking branch 'origin/feature/cyborg-release' into fea…
shivam-rawat-akto Sep 23, 2025
8d731f8
guardrail proxy integration
shivam-rawat-akto Sep 25, 2025
811ab24
guardrail proxy integration
shivam-rawat-akto Sep 26, 2025
7a178f0
Merge remote-tracking branch 'origin/feature/mcp-threat-cyborg' into …
shivam-rawat-akto Sep 29, 2025
3303693
Add mcp-guardrails library
shivam-rawat-akto Sep 29, 2025
ccabc99
added guardrails tempalte save feature
shivam-rawat-akto Sep 29, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
188 changes: 188 additions & 0 deletions apps/database-abstractor/src/main/java/com/akto/action/DbAction.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,14 @@
import com.akto.dto.*;
import com.akto.dto.ApiInfo.ApiInfoKey;
import com.akto.dto.McpReconRequest;
import com.akto.dao.mcp.MCPGuardrailYamlTemplateDao;
import com.akto.dto.mcp.MCPGuardrailConfig;
import com.akto.dto.mcp.MCPGuardrailConfigYamlParser;
import com.akto.dto.mcp.MCPGuardrailType;
import com.akto.utils.MCPGuardrailUtil;
import com.mongodb.client.model.Filters;
import com.mongodb.client.model.Updates;
import org.bson.conversions.Bson;
import com.akto.dto.billing.Organization;
import com.akto.dto.billing.Tokens;
import com.akto.dto.billing.UningestedApiOverage;
Expand Down Expand Up @@ -44,6 +52,7 @@
import com.akto.notifications.slack.SlackSender;
import com.akto.util.enums.GlobalEnums;
import com.akto.utils.CustomAuthUtil;
import com.akto.util.Constants;
import com.akto.utils.KafkaUtils;
import com.akto.utils.RedactAlert;
import com.akto.utils.SampleDataLogs;
Expand Down Expand Up @@ -137,6 +146,31 @@ public class DbAction extends ActionSupport {
@Getter @Setter
private List<McpReconResult> serverDataList;

// MCP Guardrails fields
@Getter @Setter
private List<YamlTemplate> mcpGuardrailTemplates;

@Getter @Setter
private Map<String, MCPGuardrailConfig> mcpGuardrailConfigs;

@Getter @Setter
private YamlTemplate mcpGuardrailTemplate;

@Getter @Setter
private String templateId;

@Getter @Setter
private String guardrailType;

@Getter @Setter
private boolean includeYamlContent = true;

@Getter @Setter
private boolean activeOnly = true;

@Getter @Setter
private String content;

private ModuleInfo moduleInfo;

private static final LoggerMaker loggerMaker = new LoggerMaker(DbAction.class, LogDb.DB_ABS);
Expand Down Expand Up @@ -2874,6 +2908,160 @@ public String storeMcpReconResultsBatch() {
return Action.SUCCESS.toUpperCase();
}

/**
* Fetch all MCP Guardrail YAML templates
*/
public String fetchMCPGuardrailTemplates() {
try {
if (activeOnly) {
mcpGuardrailTemplates = MCPGuardrailYamlTemplateDao.instance.fetchActiveTemplates();
} else {
mcpGuardrailTemplates = MCPGuardrailYamlTemplateDao.instance.findAll(Filters.empty());
}

loggerMaker.infoAndAddToDb("Fetched " + mcpGuardrailTemplates.size() + " MCP Guardrail templates", LogDb.DASHBOARD);
return Action.SUCCESS.toUpperCase();
} catch (Exception e) {
loggerMaker.errorAndAddToDb(e, "Error fetching MCP Guardrail templates: " + e.toString());
addActionError("Failed to fetch MCP Guardrail templates");
return Action.ERROR.toUpperCase();
}
}

/**
* Fetch MCP Guardrail templates by type
*/
public String fetchMCPGuardrailTemplatesByType() {
try {
if (guardrailType == null || guardrailType.trim().isEmpty()) {
addActionError("Guardrail type is required");
return Action.ERROR.toUpperCase();
}

mcpGuardrailTemplates = MCPGuardrailYamlTemplateDao.instance.fetchTemplatesByType(guardrailType.toUpperCase());

loggerMaker.infoAndAddToDb("Fetched " + mcpGuardrailTemplates.size() + " MCP Guardrail templates for type: " + guardrailType, LogDb.DASHBOARD);
return Action.SUCCESS.toUpperCase();
} catch (Exception e) {
loggerMaker.errorAndAddToDb(e, "Error fetching MCP Guardrail templates by type: " + e.toString());
addActionError("Failed to fetch MCP Guardrail templates by type");
return Action.ERROR.toUpperCase();
}
}

/**
* Fetch parsed MCP Guardrail configurations
*/
public String fetchMCPGuardrailConfigs() {
try {
mcpGuardrailConfigs = MCPGuardrailYamlTemplateDao.instance.fetchMCPGuardrailConfig(includeYamlContent);

loggerMaker.infoAndAddToDb("Fetched " + mcpGuardrailConfigs.size() + " MCP Guardrail configurations", LogDb.DASHBOARD);
return Action.SUCCESS.toUpperCase();
} catch (Exception e) {
loggerMaker.errorAndAddToDb(e, "Error fetching MCP Guardrail configurations: " + e.toString());
addActionError("Failed to fetch MCP Guardrail configurations");
return Action.ERROR.toUpperCase();
}
}

/**
* Fetch a specific MCP Guardrail template by ID
*/
public String fetchMCPGuardrailTemplate() {
try {
if (templateId == null || templateId.trim().isEmpty()) {
addActionError("Template ID is required");
return Action.ERROR.toUpperCase();
}

mcpGuardrailTemplate = MCPGuardrailYamlTemplateDao.instance.findOne("id", templateId);

if (mcpGuardrailTemplate == null) {
addActionError("MCP Guardrail template not found");
return Action.ERROR.toUpperCase();
}

loggerMaker.infoAndAddToDb("Fetched MCP Guardrail template: " + templateId, LogDb.DASHBOARD);
return Action.SUCCESS.toUpperCase();
} catch (Exception e) {
loggerMaker.errorAndAddToDb(e, "Error fetching MCP Guardrail template: " + e.toString());
addActionError("Failed to fetch MCP Guardrail template");
return Action.ERROR.toUpperCase();
}
}

/**
* Get available MCP Guardrail types
*/
public String fetchMCPGuardrailTypes() {
try {
// Return all available types as a simple list
MCPGuardrailType[] types = MCPGuardrailType.values();
StringBuilder typesJson = new StringBuilder("[");
for (int i = 0; i < types.length; i++) {
if (i > 0) typesJson.append(",");
typesJson.append("\"").append(types[i].name()).append("\"");
}
typesJson.append("]");

loggerMaker.infoAndAddToDb("Fetched MCP Guardrail types", LogDb.DASHBOARD);
return Action.SUCCESS.toUpperCase();
} catch (Exception e) {
loggerMaker.errorAndAddToDb(e, "Error fetching MCP Guardrail types: " + e.toString());
addActionError("Failed to fetch MCP Guardrail types");
return Action.ERROR.toUpperCase();
}
}

/**
* Save MCP Guardrail YAML template
*/
public String saveMCPGuardrailTemplate() {
try {
if (content == null || content.trim().isEmpty()) {
addActionError("Template content is required");

return Action.ERROR.toUpperCase();
}

// Parse the YAML content to validate it
MCPGuardrailConfig guardrailConfig = MCPGuardrailConfigYamlParser.parseTemplate(content);

if (guardrailConfig.getId() == null || guardrailConfig.getId().trim().isEmpty()) {
addActionError("Template ID is required");
return Action.ERROR.toUpperCase();
}

if (guardrailConfig.getFilter() == null) {
addActionError("Template filter configuration is required");
return Action.ERROR.toUpperCase();
}

if (!guardrailConfig.getFilter().getIsValid()) {
addActionError("Invalid filter configuration: " + guardrailConfig.getFilter().getErrMsg());
return Action.ERROR.toUpperCase();
}

// Get database updates for the template
String userEmail = "system"; // Default user email, can be overridden by request
List<Bson> updates = MCPGuardrailUtil.getDbUpdateForTemplate(content, userEmail);

// Update or insert the template
MCPGuardrailYamlTemplateDao.instance.updateOne(
Filters.eq(Constants.ID, guardrailConfig.getId()),
Updates.combine(updates));

loggerMaker.infoAndAddToDb("Saved MCP Guardrail template with ID: " + guardrailConfig.getId(), LogDb.DASHBOARD);
return Action.SUCCESS.toUpperCase();

} catch (Exception e) {
loggerMaker.errorAndAddToDb(e, "Error saving MCP Guardrail template: " + e.toString());
addActionError("Failed to save MCP Guardrail template: " + e.getMessage());
return Action.ERROR.toUpperCase();
}
}

public List<CustomDataTypeMapper> getCustomDataTypes() {
return customDataTypes;
}
Expand Down
67 changes: 67 additions & 0 deletions apps/database-abstractor/src/main/resources/struts.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1793,6 +1793,73 @@
</result>
</action>

<!-- MCP Guardrails API endpoints -->
<action name="api/mcp/fetchGuardrailTemplates" class="com.akto.action.DbAction" method="fetchMCPGuardrailTemplates">
<interceptor-ref name="json"/>
<interceptor-ref name="defaultStack" />
<result name="SUCCESS" type="json"/>
<result name="ERROR" type="json">
<param name="statusCode">422</param>
<param name="ignoreHierarchy">false</param>
<param name="includeProperties">^actionErrors.*</param>
</result>
</action>

<action name="api/mcp/fetchGuardrailTemplatesByType" class="com.akto.action.DbAction" method="fetchMCPGuardrailTemplatesByType">
<interceptor-ref name="json"/>
<interceptor-ref name="defaultStack" />
<result name="SUCCESS" type="json"/>
<result name="ERROR" type="json">
<param name="statusCode">422</param>
<param name="ignoreHierarchy">false</param>
<param name="includeProperties">^actionErrors.*</param>
</result>
</action>

<action name="api/mcp/fetchGuardrailConfigs" class="com.akto.action.DbAction" method="fetchMCPGuardrailConfigs">
<interceptor-ref name="json"/>
<interceptor-ref name="defaultStack" />
<result name="SUCCESS" type="json"/>
<result name="ERROR" type="json">
<param name="statusCode">422</param>
<param name="ignoreHierarchy">false</param>
<param name="includeProperties">^actionErrors.*</param>
</result>
</action>

<action name="api/mcp/fetchGuardrailTemplate" class="com.akto.action.DbAction" method="fetchMCPGuardrailTemplate">
<interceptor-ref name="json"/>
<interceptor-ref name="defaultStack" />
<result name="SUCCESS" type="json"/>
<result name="ERROR" type="json">
<param name="statusCode">422</param>
<param name="ignoreHierarchy">false</param>
<param name="includeProperties">^actionErrors.*</param>
</result>
</action>

<action name="api/mcp/fetchGuardrailTypes" class="com.akto.action.DbAction" method="fetchMCPGuardrailTypes">
<interceptor-ref name="json"/>
<interceptor-ref name="defaultStack" />
<result name="SUCCESS" type="json"/>
<result name="ERROR" type="json">
<param name="statusCode">422</param>
<param name="ignoreHierarchy">false</param>
<param name="includeProperties">^actionErrors.*</param>
</result>
</action>

<action name="api/mcp/saveGuardrailTemplate" class="com.akto.action.DbAction" method="saveMCPGuardrailTemplate">
<interceptor-ref name="json"/>
<interceptor-ref name="defaultStack" />
<result name="SUCCESS" type="json"/>
<result name="ERROR" type="json">
<param name="statusCode">422</param>
<param name="ignoreHierarchy">false</param>
<param name="includeProperties">^actionErrors.*</param>
</result>
</action>

</package>

</struts>
1 change: 0 additions & 1 deletion apps/mcp-guardrails/PROJECT_STRUCTURE.md
View file
Open in desktop

This file was deleted.

Loading
Loading