Redaction & Compliance Server
БесплатноНе проверенProvides a pre-flight/post-flight firewall for LLM calls with comprehensive detection, classification, policy enforcement, reversible redaction, output safety,
Описание
Provides a pre-flight/post-flight firewall for LLM calls with comprehensive detection, classification, policy enforcement, reversible redaction, output safety, and immutable audit logging.
README
Production-Ready Edition | Version 2.0
This repository contains a production-grade implementation of a Redaction & Compliance Model Context Protocol (MCP) server. It provides a pre-flight / post-flight firewall for LLM calls with comprehensive detection, classification, policy enforcement, reversible redaction, selective detokenization, output safety, and immutable audit logging.
✨ Features
🎯 Core Capabilities
- 🔄 Streaming Support: Real-time streaming for OpenAI, Claude, and Gemini with chunk-by-chunk detokenization
- 🛡️ Claim Verification: Research-based hallucination detection with inline warnings (supports local models)
- 🚀 Transparent Proxy: Zero-code integration - just change your API base URL
- 📊 Production-Grade: NGINX, HTTPS, SIEM integration, Redis backend, systemd service
🔍 Advanced Detection
- Multi-cloud credentials: AWS (AKID, secrets), Azure (Storage Keys, SAS tokens, Connection Strings), GCP (API keys, OAuth)
- OAuth & Bearer tokens: JWT detection, OAuth access tokens
- Crypto keys: PEM (RSA, DSA, EC), PKCS#12, Kubernetes config/tokens
- PII with validation:
- Credit cards with Luhn checksum validation
- SSN with format validation (rejects invalid area codes 000, 666, 900-999)
- Email addresses and phone numbers
- Internal infrastructure: Joby Aviation domains (
*.na.joby.aero,*.az.joby.aero), IP addresses, hostnames - Export control: Aviation keywords (eVTOL, ITAR, FAA certification, flight control systems, propulsion)
🛡️ Policy Engine
- Geo/region constraints: US, EU, APAC, restricted regions (CN, RU, IR, KP, SY)
- Caller-based routing: Trusted caller lists, per-caller detokenization permissions
- Data residency: EU GDPR compliance, region-specific model routing
- Category actions:
block,redact,internal_only,allow - Version tracking: Policy version embedded in all decisions
🔐 Token Store
- In-memory: Fast, stateless, for dev/test
- Redis with AES-GCM: Production-grade with encryption at rest
- AES-256-GCM encryption
- PBKDF2 key derivation
- Automatic TTL management
- Deterministic placeholders:
«token:TYPE:HASH4»stable within conversation scope
⚠️ Output Safety
- 50+ dangerous command patterns: Filesystem destruction, system control, K8s/Docker, databases, cloud infra, network/firewall
- External config support: JSON-based custom pattern loading
- 3 modes:
warning(annotate),block(redact),silent(pass-through)
📊 Audit & Compliance
- Append-only JSONL: Immutable audit trail
- Full context capture: Caller, region, categories, decisions, redaction counts
- Query API: Search and retrieve audit records
- SIEM integration: Real-time shipping to Splunk, Elasticsearch, Datadog, Syslog
- Buffered shipping: <5% overhead, batch mode for production
🚀 Production Installation (5 Minutes)
Automated installer with NGINX, HTTPS, and Client SDK:
# On your Linux server (Ubuntu 20.04+ or RHEL 8+)
wget https://raw.githubusercontent.com/sunkencity999/redaction-compliance-MCP/main/install.sh
chmod +x install.sh
sudo ./install.sh
What it does:
- ✅ Installs all dependencies (Python 3.11, Redis, NGINX)
- ✅ Generates cryptographic secrets (you backup them)
- ✅ Configures SIEM integration (Splunk/Elasticsearch/Datadog)
- ✅ Sets up NGINX reverse proxy with HTTPS (Let's Encrypt or self-signed)
- ✅ Creates systemd service (auto-start on boot)
- ✅ Installs Python Client SDK
- ✅ Creates integration examples
- ✅ Runs full test suite (186+ tests)
Manual installation: See QUICKSTART.md
📦 Client SDKs
Python SDK
Seamless integration for Python/backend applications:
# Install SDK (included in automated installer)
pip install -e .
Usage:
from mcp_client import MCPClient, MCPConfig
# Configure once
mcp = MCPClient(MCPConfig(
server_url="https://mcp.yourcompany.com",
caller="your-app-name"
))
# Protect LLM calls automatically
user_input = "My AWS key is AKIAIOSFODNN7EXAMPLE, help me debug"
# Redact before sending to LLM
sanitized, handle = mcp.redact(user_input)
# sanitized: "My AWS key is «token:SECRET:a3f9», help me debug"
# Send sanitized version to OpenAI/Claude/etc
llm_response = your_llm_function(sanitized)
# Restore non-secret tokens
final = mcp.detokenize(llm_response, handle)
# Secrets stay tokenized, PII/ops_sensitive restored!
Or use the convenience wrapper:
from mcp_client import MCPClient, MCPConfig
mcp = MCPClient(MCPConfig.from_env())
# One-line protection
response = mcp.safe_llm_call(
user_input,
lambda text: openai.ChatCompletion.create(
model="gpt-4",
messages=[{"role": "user", "content": text}]
).choices[0].message.content
)
Examples: See examples/ directory after installation
JavaScript/Browser SDK
For web applications, React, Vue, Angular:
<!-- Include SDK -->
<script src="mcp_client_js/mcp-client.js"></script>
<script>
// Initialize client
const mcp = new MCPClient({
serverUrl: 'https://mcp.yourcompany.com',
caller: 'web-app'
});
// Protect browser-based LLM calls
async function safeChatCompletion(userInput) {
const response = await mcp.safeLLMCall(
userInput,
async (sanitized) => {
// Call OpenAI/Claude from browser
return await callYourLLM(sanitized);
}
);
return response;
}
</script>
React Example:
import { MCPClient } from './mcp-client.js';
const mcp = new MCPClient({
serverUrl: process.env.REACT_APP_MCP_SERVER,
caller: 'react-app'
});
function ChatComponent() {
const handleSubmit = async (input) => {
try {
const response = await mcp.safeLLMCall(input, callOpenAI);
setMessages(prev => [...prev, response]);
} catch (error) {
if (error instanceof MCPBlockedError) {
alert('Request blocked: contains sensitive data');
}
}
};
// ... rest of component
}
TypeScript supported: See mcp_client_js/mcp-client.d.ts
Examples: See mcp_client_js/examples/ for browser and React demos
🔄 Transparent Proxy Mode (NEW!)
Zero-code integration for existing OpenAI/Claude/Gemini apps:
Just change your API base URL and MCP automatically protects all calls!
import openai
# Change this one line:
openai.api_base = "https://mcp.yourcompany.com/v1"
# Your existing code works unchanged!
response = openai.ChatCompletion.create(
model="gpt-4",
messages=[{"role": "user", "content": "My AWS key is AKIA..."}]
)
# MCP automatically redacts before OpenAI sees it!
Supported Providers:
- ✅ OpenAI (
/v1/chat/completions) - Streaming supported - ✅ Claude (
/v1/messages) - Streaming supported - ✅ Gemini (
/v1/models/{model}:generateContent) - Streaming supported
Features:
- ✅ Real-time streaming with chunk-by-chunk detokenization
- ✅ Optional claim verification (hallucination detection)
- ✅ Local model support (vLLM, Ollama, FastAPI)
- ✅ Automatic redaction + detokenization
- ✅ Full audit trail in SIEM
Setup:
# In .env file
PROXY_MODE_ENABLED=true
CLAIM_VERIFICATION_ENABLED=false # Optional
DETOKENIZE_TRUSTED_CALLERS=openai-proxy,claude-proxy,gemini-proxy
Full Guides:
TRANSPARENT_PROXY.md- Proxy mode documentationCLAIM_VERIFICATION.md- Hallucination detection guide
🛡️ Claim Verification (Hallucination Detection)
Optional post-processing layer to verify factual accuracy of LLM responses:
Using a research-based approach, this feature analyzes LLM responses through a 4-stage pipeline to detect and flag potential hallucinations and false claims.
# Enable in .env
CLAIM_VERIFICATION_ENABLED=true
CLAIM_VERIFICATION_MODEL=gpt-4o-mini # Or local model
# Use any LLM normally via transparent proxy
response = openai.ChatCompletion.create(
model="gpt-4",
messages=[{"role": "user", "content": "What was Argentina's inflation in 2023?"}]
)
# If LLM hallucinates a wrong number, you'll see:
print(response.choices[0].message.content)
# "Argentina's inflation reached 300% in 2023."
# ⚠️ **[CLAIM FLAGGED - HIGH CONFIDENCE]**: This claim is likely false.
# Evidence suggests Argentina's inflation was approximately 211% in 2023.
4-Stage Verification Pipeline:
- Sentence Splitting - Break response into sentences with context
- Selection - Filter to verifiable factual claims
- Disambiguation - Resolve or flag ambiguous statements
- Decomposition - Extract atomic, standalone claims
- Verification - Fact-check each claim with confidence scores
Output Modes:
- Inline Warnings: 🚨 High, ⚠️ Medium, ℹ️ Low confidence flags added to text
- Metadata: Full verification details in
mcp_verificationresponse field - No Blocking: Users always see full response + warnings (inform, don't censor)
Local Model Support:
# Use vLLM, Ollama, or FastAPI locally (no API fees, full privacy)
CLAIM_VERIFICATION_BASE_URL=http://localhost:8000/v1
CLAIM_VERIFICATION_MODEL=meta-llama/Meta-Llama-3.1-8B-Instruct
CLAIM_VERIFICATION_REQUIRE_AUTH=false # No authentication needed
Use Cases:
- ✅ Technical/Engineering - Verify calculations, formulas, specifications
- ✅ Scientific - Fact-check research claims, data, constants
- ✅ Financial - Validate statistics, market data, economic claims
- ✅ Medical - Verify dosages, symptoms, treatments (strict mode)
Performance:
- Latency: ~500-1000ms per response (cloud) or ~300ms (local)
- Cost: ~$0.0003/response with gpt-4o-mini, $0 with local models
- Caching: ~80% hit rate reduces both latency and cost
Full Guide: See CLAIM_VERIFICATION.md for complete setup, configuration, and examples.
🌐 API Endpoints (REST)
Core MCP Endpoints:
GET /health→ server health checkPOST /classify→ classify payload sensitivityPOST /redact→ sanitize payload, return token_map_handlePOST /detokenize→ reinject allowed tokens (trusted clients only)POST /route→ produce an execution plan (internal/external, redaction steps)POST /audit/query→ simple audit search
Transparent Proxy Endpoints (when PROXY_MODE_ENABLED=true):
POST /v1/chat/completions→ OpenAI-compatible proxyPOST /v1/messages→ Claude-compatible proxyPOST /v1/models/{model}:generateContent→ Gemini-compatible proxy
Full API documentation: See mcp_redaction/models.py for request/response schemas.
Policy
Edit mcp_redaction/sample_policies/default.yaml. Hot-reload on change is supported (watcher optional).
Stdio / JSON-RPC (MCP) Adapter
See mcp_redaction/stdio_adapter.py for a minimal adapter skeleton you can mount under an agent runtime.
Testing
pytest -q
Production Hardening
- Run behind mTLS and identity-aware proxy
- Use Redis (or KV with envelope encryption) for token maps
- Ship audit logs to SIEM (Splunk/ELK); rotate JSONL files
- Add OPA/Gatekeeper check on detokenize categories
- Extend detectors (NER, export-control classifier), add OCR for attachments
- Enforce geo-routing and model-allow lists in
policy.yaml
Установка Redaction & Compliance Server
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/sunkencity999/redaction-compliance-MCPFAQ
Redaction & Compliance Server MCP бесплатный?
Да, Redaction & Compliance Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Redaction & Compliance Server?
Нет, Redaction & Compliance Server работает без API-ключей и переменных окружения.
Redaction & Compliance Server — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Redaction & Compliance Server в Claude Desktop, Claude Code или Cursor?
Открой Redaction & Compliance Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
автор: modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
автор: xuzexin-hzCompare Redaction & Compliance Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории ai
