π₯
Gov
MCP Governance System - Permission control and audit logging for Model Context Protocol servers
0 installs
Trust: 37 β Low
Healthcare
Ask AI about Gov
Powered by Claude Β· Grounded in docs
I know everything about Gov. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Loading tools...
Reviews
Documentation
ββββ ββββ βββββββ βββββββ βββββββ βββββββ βββ βββ
βββββ βββββ ββββββββ ββββββββ ββββββββ ββββββββββββ βββ
βββββββββββ βββ ββββββββ βββ βββββββ ββββββ βββ
βββββββββββ βββ βββββββ βββ ββββββ βββββββ ββββ
βββ βββ βββ ββββββββ βββ ββββββββββββββββββ βββββββ
βββ βββ βββββββ βββ βββββββ βββββββ βββββ
MCP Governance System
Permission control and audit logging for Model Context Protocol (MCP) servers.
What is MCP-GOV?
MCP-GOV adds a security layer between your AI assistant (Claude, etc.) and MCP tool servers. It:
- Controls permissions - Block dangerous operations like delete, execute, admin
- Logs everything - Audit trail of all tool calls with timestamps
- Works transparently - No changes needed to your MCP servers
Install
# Using npm
npm install -g mcp-gov
# Or run directly with npx
npx mcp-gov
Usage
mcp-gov
ββββ ββββ βββββββ βββββββ βββββββ βββββββ βββ βββ
βββββ βββββ ββββββββ ββββββββ ββββββββ ββββββββββββ βββ
βββββββββββ βββ ββββββββ βββ βββββββ ββββββ βββ
βββββββββββ βββ βββββββ βββ ββββββ βββββββ ββββ
βββ βββ βββ ββββββββ βββ ββββββββββββββββββ βββββββ
βββ βββ βββββββ βββ βββββββ βββββββ βββββ
v1.3.0
Select action:
1) Wrap MCP servers
2) Unwrap MCP servers
3) View audit logs
4) Edit rules
5) Exit
Enter choice [1-5]:
How It Works
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β WITHOUT MCP-GOV β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β Claude βββββββββββββββββββββββββββββββΊ MCP Server β
β (all operations allowed) (filesystem, β
β github, etc.) β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β WITH MCP-GOV β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β Claude βββββΊ mcp-gov-proxy βββββΊ MCP Server β
β β β
β βββ Check rules.json β
β β βββ read: β
allow β
β β βββ write: β
allow β
β β βββ delete: β deny β
β β βββ admin: β deny β
β β β
β βββ Log to audit.log β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Workflow
1. Install npm install -g mcp-gov
β
βΌ
2. Run mcp-gov
β
βΌ
3. Select 1) Wrap MCP servers
β
βΌ
4. Enter path ~/.claude.json
β
βΌ
5. Done! β Servers wrapped
β Rules generated at ~/.mcp-gov/rules.json
β Audit logs at ~/.mcp-gov/logs/
Default Rules
Rules are auto-generated at ~/.mcp-gov/rules.json:
| Operation | Default | Examples |
|---|---|---|
| read | β Allow | get, list, search, fetch |
| write | β Allow | create, update, add, save |
| delete | β Deny | delete, remove, drop, purge |
| execute | β Deny | run, exec, invoke, trigger |
| admin | β Deny | admin, configure, grant |
Files
| Path | Description |
|---|---|
~/.mcp-gov/rules.json | Governance rules |
~/.mcp-gov/logs/*.log | Audit logs by service |
Rules Format
{
"rules": [
{
"service": "github",
"operations": ["delete"],
"permission": "deny",
"reason": "Block destructive operations"
},
{
"service": "github",
"operations": ["read", "write"],
"permission": "allow"
}
]
}
Audit Log Format
[AUDIT] 2026-01-24T10:30:45.123Z | DENIED | tool=delete_repo | service=github | operation=delete | project=/home/user/myproject
CLI Commands
The interactive menu is recommended, but you can also use commands directly:
# Wrap servers
mcp-gov-wrap --config ~/.claude.json
# Unwrap servers
mcp-gov-unwrap --config ~/.claude.json
# Low-level proxy (used internally)
mcp-gov-proxy --service github --target "npx server" --rules ~/.mcp-gov/rules.json
License
Apache-2.0 β see LICENSE.