MCP Security Gateway

Block poisoned tools before your agents touch production.

Veil Firewall sits between Claude Code, Cursor, and your custom agents and every MCP server they call. It inspects tool metadata, arguments, responses, URLs, PII, and secrets, then enforces per-tenant policy with a real audit trail.

Create a key Read the docs

Hosted proxy + local bridge

{
  "mode": "proxy",
  "endpoint": "https://firewall.veil-api.com/v1/mcp/proxy/acme/notion",
  "transport": ["http-jsonrpc", "local-stdio-bridge"],
  "inspects": [
    "tools/list",
    "tools/call",
    "request payloads",
    "response payloads"
  ]
}

What gets blocked

Prompt injection

Detect hidden instructions, approval bypasses, tool misuse, and system prompt extraction attempts in tool metadata.

SSRF + egress control

Block localhost, RFC1918 space, link-local targets, and non-allowlisted domains before requests ever leave the firewall.

PII + secrets

Redact customer data and credentials in both tool inputs and outputs, then store encrypted audit evidence for review.

Start Free

Create a Firewall Key

Free tier includes 1,000 inspections per month.

Why buyers say yes

Drop-in control point

No agent rewrite required. Register upstream MCP servers once, then point clients at the firewall.

SOC2 evidence trail

Every allow, deny, modify, and review decision is logged with policy hits, detections, bytes, and token estimates.

Enterprise defaults

Encrypted raw payloads, signed webhooks, tenant policies, and explicit approval flows are built in from day one.

Pricing

Free

$0

1,000 inspections per month. Enough for local evaluation, demos, and one internal agent rollout.

Starter

$99/mo

10,000 inspections per month. Best for teams shipping MCP-backed tools into production for the first time.

Growth

$299/mo

100,000 inspections per month. Adds enough headroom for multiple agent products and internal platform usage.

Enterprise

$999/mo starting point for 1M+ inspections, dedicated onboarding, and custom review workflows. Same hosted product, higher volume ceiling.

Two Real Examples

Claude Code via stdio bridge

{
  "command": "veil-firewall-stdio",
  "args": ["--base-url", "https://firewall.veil-api.com"],
  "env": {
    "VEIL_FIREWALL_API_KEY": "vf_...",
    "VEIL_FIREWALL_TENANT": "acme",
    "VEIL_FIREWALL_SERVER": "filesystem"
  }
}

Cursor via stdio bridge

{
  "mcpServers": {
    "filesystem-firewall": {
      "command": "veil-firewall-stdio",
      "args": ["--base-url", "https://firewall.veil-api.com"],
      "env": {
        "VEIL_FIREWALL_API_KEY": "vf_...",
        "VEIL_FIREWALL_TENANT": "acme",
        "VEIL_FIREWALL_SERVER": "filesystem"
      }
    }
  }
}

Custom HTTP JSON-RPC

POST /v1/mcp/proxy/acme/filesystem
Authorization: Bearer vf_...
Content-Type: application/json

{"jsonrpc":"2.0","id":42,"method":"tools/list","params":{}}
Interactive Inspect

Try the inspection API

Result

Waiting
Run the demo to see allow, deny, modify, or review decisions.