🔒 Why You Need This: Enterprise-Grade AI Security Meets Autonomous Agents

Giving AI assistants like Claude, Cursor, and Windsurf access to your codebase and the web is a superpower. But passing sensitive enterprise data to remote LLMs is a massive security risk. Furthermore, hitting token limits quickly degrades LLM context windows and increases costs.

The Problem: You want the massive productivity boost of agentic workflows, but you cannot compromise on Data Loss Prevention (DLP), compliance, leak prevention, or token bloat.

The Solution: AgenticStore MCP Server solves the entire equation natively:

• 🛡️ The LLM Prompt Firewall: A secure local proxy that intercepts, scans, and sanitizes your prompts before they leave your machine. It flags leaked secrets, PII, and API keys, using local models (like Ollama) to sanitize data and generate strict audit traces for all AI usage.
• 🧰 The MCP Toolkit (31 Tools): A production-ready arsenal. Instantly arm your AI with everything from code analyzers and CVE vulnerability scanners (OSV CVE scans), to context pruners, token optimizers, persistent semantic memory, and self-hosted SearXNG web search.

Zero subscriptions. Zero vendor lock-in. Configure your MCP tools manually or effortlessly through a beautiful local GUI.

🎥 Prompt Firewall Demo

(If the video above doesn't load, click here to watch the demo)

🎥 Watch the GUI Demo in Action (MCP Tools)

(If the video above doesn't load, click here to watch the demo)

🏗️ How It Works

🔥 Why Choose AgenticStore MCP?

• 🛡️ LLM Prompt Firewall: Intercept, sanitize, and perform prompt recording for all data leaving your system, ensuring robust AI security.
• 🔒 100% Privacy-First: Everything runs locally. Generate reliable audit traces for AI usage while your code and data never leave your machine unaudited.
• ✂️ LLM Token Optimization: Radically reduce your token burn with code structural compression (token_optimizer) and relevance-based context trimming (context_pruner).
• 💸 Truly Free: No accounts, no paywalls, no subscriptions.
• 🧠 Persistent Agent Memory: Let your AI remember facts and contexts across sessions seamlessly.
• ⚡ Plug & Play: Installs instantly via uvx or pip. MCP configuration supports both manual JSON and GUI workflows.

📋 Table of Contents

• 🛡️ LLM Prompt Firewall & Sanitization
• 🧰 What's Inside the Toolkit
• 🚀 Quick Start Guide (Fastest Way to Install)
  • V0: Python/uvx (Recommended)
  • V1: From GitHub Source
  • V2: MCP Hub Webapp (UI)
• 🔌 Connect to Your AI Client
• 🗂 Tool Directory — All 31 Tools
• 💻 Claude Code CLI Integration
• 🔎 Enabling Web Search
• 🎛 Overriding Configs & Advanced Usage

🛡️ LLM Prompt Firewall & Sanitization

The Prompt Firewall gives you complete control over what natural language data and code leaves your computer when using cloud-based AI coding assistants, delivering enterprise-grade AI security.

[!NOTE] The Firewall feature is currently tested and stable on macOS. Support for Linux and Windows is coming soon!

Key Features:

• Proxy Interception: Set up a local proxy to monitor all LLM traffic.
• Audit Traces for AI Usage: Automatically generate prompt recording logs. Get clear warnings at each prompt level showing exactly what was changed or redacted.
• 1-Click UI Setup: Install certificate -> start proxy. The magic starts immediately. (Note: Firewall setup is only made available on the UI to ensure smooth installation and operation).
• Local LLM Integration (Optional): Connect your local Ollama instance. Download open-source models to run completely local, pre-flight prompt sanitization, scanning your code to make it better and safer before sending it to a remote API.
• Rule-Based Sanitization: Easily define regex or grammar rules to block PII, AWS keys, database strings, or proprietary logic.

To enable the firewall and begin collecting audit traces for AI usage, start the GUI Webapp and navigate to the Firewall tab to install the certificate and start the proxy. For deeper technical architecture, read the officially provided AgenticStore Prompt Firewall Documentation or visit the main site at agenticstore.dev.

🧰 What's Inside the Toolkit (31 MCP Tools)

Equip your AI client with these modules containing 31 specific MCP tools, categorized strategically for maximum productivity:

• 🛡️ Local Only: 22 tools executing privately without any external API dependencies.
• ☁️ API Required: 7 tools strictly connecting to remote providers (like the GitHub API or Web connectors).
• 📝 Write Access: 6 tools capable of safely modifying your repos or local files.
• 👓 Read Only: 25 tools limited purely to context ingestion ensuring safety by default.

🚀 Quick Start Guide (Fastest Way to Install)

Pick the setup that best fits your workflow. MCP supports both manual configuration and GUI-based management setup. Don't know which to pick? Start with V0.

pip install agentic-store-mcp --upgrade

agentic-store-mcp

agentic-store-mcp --version

pip install git+https://github.com/agenticstore/agentic-store-mcp.git

agentic-store-mcp

# Ensure it is installed via pip
pip install agentic-store-mcp --upgrade

# Launch the web UI  automatically bundled with the core package
agentic-store-webapp 

🔌 Connect to Your AI Client

Because AgenticStore MCP supports both manual configuration and management via the GUI, you can manually add the configuration snippet to your respective client's config file if you prefer. Remember to restart the client after saving! For an in-depth guide on linking AI agents properly, visit the Client Connection Documentation on agenticstore.dev.

Standard Copy-Paste Config

Basic Setup:

{
  "mcpServers": {
    "agentic-store-mcp": {
      "command": "agentic-store-mcp",
      "args": []
    }
  }
}

With Web Search (SearXNG) enabled:

{
  "mcpServers": {
    "agentic-store-mcp": {
      "command": "agentic-store-mcp",
      "args": [],
      "env": {
        "SEARXNG_URL": "http://localhost:8080"
      }
    }
  }
}

🗂 Tool Directory — All 31 Tools

💻 Claude Code CLI Integration

AgenticStore MCP is fully compatible with Claude Code explicitly for terminal workflows, allowing developers full access to the 31 command capacities directly interacting via the command line.

Safe CLI Execution Modes

Automatically install the application directly into your ~/.claude/settings.json seamlessly resolving connection bindings. The CLI handles both traditional operation and state-of-the-art intercepting proxy verification cleanly via a dynamic CLI command structure.

Default Mode: (For direct API calling — connects to normal Anthropic models purely without firewall tracking):

agentic-store-mcp --install-claude

• Explicitly registers to the user's ~/.claude/settings.json locally.
• Actively forces launchctl unsetenv cleanup dropping any stale ANTHROPIC_BASE_URL routing bindings to assure 100% stable connection directly to Anthropic standard APIs.
• Removes proxy-forcing traces dynamically from your target system environment ~/.zshrc/~/.bash_profile — new terminals always start completely clean.

Firewall Mode: (Pre-validates proxy stability mapping traffic efficiently directly into Prompt Recoding security boundaries protecting enterprise secrets):

agentic-store-mcp --install-claude --firewall-mode

• First natively verifies the AgenticStore firewall proxy is correctly listening across Port 8766 before touching configuration trees preventing deployment breakages completely.
• Formally injects launchctl setenv routing instructions properly writing nc-guarded shell profile blocks into Node.js TLS ANTHROPIC_BASE_URL interception directly into Claude.

(Note: --firewall-mode explicitly refuses to run unaccompanied. It requires --install-claude actively passed alongside it).

Manual Configuration

Run claude mcp add agentic-store-mcp "agentic-store-mcp".

🔎 Enabling Web Search

To give your agent internet access, agentic_web_search uses a private SearXNG instance.

If you'd like to use a remote API or host your own container, simply append its URL.

Pass the environment variable to your AI Client:

{
  "mcpServers": {
    "agentic-store-mcp": {
      "command": "agentic-store-mcp",
      "args": [],
      "env": {
        "SEARXNG_URL": "http://localhost:8080"
      }
    }
  }
}

🎛 Overriding Configs & Advanced Usage

Overriding configs is related to your MCP setup. MCP supports both manual and GUI setup, so you can filter exactly what tools get loaded via environment variables if integrating deeply without the web GUI.

# Debug: List what would be loaded and exit
agentic-store-mcp --list

Note: The LLM Prompt Firewall is exclusively configured via the UI. The firewall is only made available on the UI to ensure smooth setup, robust proxy interception, and seamless prompt recording out of the box.

🛠️ Troubleshooting

Internet Disruption After Proxy Use When dealing with the LLM Prompt Firewall proxy, if the server is terminated abruptly, there could be an internet disruption on your machine due to residual system proxy settings.

If you lose internet connection after a crash, run this command in your terminal to restore your proxy to default:

networksetup -setsecurewebproxystate "Wi-Fi" off

🤝 Contributing & Community

Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

If you'd like to contribute code or improvements, please fork the repository and create a Pull Request.

⭐ If this toolkit saved you 10 hours of configuration, please give us a star to help others find it!

📜 License & Support

This project is licensed under the MIT License — free to use, modify, and distribute. See LICENSE for details.