Available Plugins¶

MCP Context Forge provides a comprehensive collection of production-ready plugins for security, performance, content transformation, and compliance. This page catalogs all available native and external plugins.

Plugin Categories¶

Security & Safety
Reliability & Performance
Content Transformation & Formatting
Content Filtering & Validation
Compliance & Governance
Network & Integration
Policy Enforcement

Security & Safety¶

Plugins for protecting against security threats, detecting sensitive data, and moderating content.

Plugin	Type	Description
PII Filter	Native	Detects and masks sensitive information including SSN, credit cards, and emails with configurable masking strategies
Secrets Detection	Native	Detects likely credentials/secrets (AWS keys, API keys, JWT tokens, private keys) in inputs and outputs with optional redaction and blocking
Code Safety Linter	Native	Detects unsafe code patterns in tool outputs (eval, exec, os.system, subprocess, rm -rf)
Safe HTML Sanitizer	Native	Sanitizes HTML to remove XSS vectors, dangerous tags, event handlers, and bad URL schemes with optional text conversion
SQL Sanitizer	Native	Detects risky SQL patterns and sanitizes/blocks dangerous statements (DROP, TRUNCATE, DELETE/UPDATE without WHERE)
Harmful Content Detector	Native	Detects harmful content (self-harm, violence, hate speech) via lexicons and blocks or annotates accordingly
Content Moderation	Native	Advanced AI-powered content moderation using IBM Watson, IBM Granite Guardian, OpenAI, Azure, or AWS with configurable thresholds and actions
URL Reputation	Native	Static URL reputation checks using blocked domains and patterns
VirusTotal Checker	Native	Integrates with VirusTotal v3 to check URLs, domains, IPs, and file hashes before fetching with configurable blocking policies
LLMGuard	External	Comprehensive AI guardrails utilizing LLM Guard library with filters and sanitizers for input prompts and model outputs. Supports complex policy expressions and vault-based anonymization
ClamAV Remote	External	External MCP server plugin that scans files and text content using ClamAV for malware detection in resources, prompts, and tool outputs

Reliability & Performance¶

Plugins for improving system reliability, performance, and resource management.

Plugin	Type	Description
Circuit Breaker	Native	Trips per-tool breaker on high error rates or consecutive failures and blocks during cooldown
Watchdog	Native	Enforces maximum runtime for tools with warn or block actions on threshold violations
Rate Limiter	Native	Fixed-window in-memory rate limiting by user, tenant, or tool
Cached Tool Result	Native	Caches idempotent tool results in-memory with configurable TTL and key fields
Response Cache by Prompt	Native	Advisory response cache using cosine similarity over prompt/input fields with configurable threshold
Retry with Backoff	Native	Annotates retry/backoff policy in metadata with exponential backoff on specific HTTP status codes

Content Transformation & Formatting¶

Plugins for transforming, formatting, and normalizing content.

Plugin	Type	Description
AI Artifacts Normalizer	Native	Normalizes AI artifacts including smart quotes, ligatures, dashes, ellipses; removes bidi/zero-width characters; collapses spacing
Argument Normalizer	Native	Normalizes user/tool arguments with Unicode normalization, whitespace cleanup, casing strategies, date/number normalization to improve robustness
Code Formatter	Native	Formats code/text outputs with lightweight normalization (indentation, trailing whitespace, newlines, optional JSON pretty-print)
HTML to Markdown	Native	Converts HTML resource content to Markdown format
Markdown Cleaner	Native	Normalizes and tidies Markdown in prompts and resources
JSON Repair	Native	Conservative JSON string repair for tool outputs
Summarizer	Native	Summarizes long text using configurable LLM provider (OpenAI, Anthropic) with threshold-based activation
Timezone Translator	Native	Converts ISO-like timestamps between server and user timezones

Content Filtering & Validation¶

Plugins for filtering, validating, and controlling content.

Plugin	Type	Description
Deny Filter	Native	Deny list plugin for blocking specific content patterns
Regex Filter	Native	Search and replace plugin using regex patterns for content filtering
Resource Filter	Native	Resource filtering with max content size, protocol restrictions, blocked domains, and content pattern replacement
File Type Allowlist	Native	Allows only configured MIME types and file extensions for resources
Output Length Guard	Native	Guards tool outputs by length with block or truncate strategies
Schema Guard	Native	Validates tool arguments and results against JSONSchema subset with optional blocking
Citation Validator	Native	Validates citations/links by checking reachability and optional content keywords

Compliance & Governance¶

Plugins for ensuring compliance with licenses, regulations, and governance policies.

Plugin	Type	Description
Robots License Guard	Native	Honors robots/noai and license meta tags from HTML; blocks or annotates per policy
License Header Injector	Native	Injects configurable license header into code outputs with language-appropriate comments
Privacy Notice Injector	Native	Injects configurable privacy notice into rendered prompts (prepend/append or separate message)

Network & Integration¶

Plugins for network operations and external system integration.

Plugin	Type	Description
Header Injector	Native	Injects custom HTTP headers for resource fetch requests via payload metadata
Webhook Notification	Native	Sends HTTP webhook notifications on events, violations, and state changes with customizable templates
Vault	Native	Generates bearer tokens based on vault-saved tokens for secure authentication

Policy Enforcement¶

Plugins for enforcing custom policies and business rules.

Plugin	Type	Description
OPA Plugin	External	Enforces Rego policies on tool invocations via an OPA server. Allows selective policy application per tool with context injection and customizable policy endpoints

Plugin Types¶

Native Plugins¶

Native plugins run in-process within the gateway for maximum performance:

Location: plugins/ directory
Language: Python
Performance: Lowest latency
Configuration: Fully-qualified class path in plugins/config.yaml
Use Cases: PII filtering, input validation, content transformation, business rules

Example configuration:

plugins:
  - name: "PIIFilterPlugin"
    kind: "plugins.pii_filter.pii_filter.PIIFilterPlugin"
    hooks: ["tool_pre_invoke", "tool_post_invoke"]
    mode: "enforce"
    priority: 50

External Plugins¶

External plugins run as separate MCP servers for independent scaling and isolation:

Location: plugins/external/ directory
Protocol: MCP (STDIO or Streamable HTTP)
Performance: 10-100ms latency (cached: <5ms)
Configuration: kind: "external" with MCP connection details
Use Cases: Advanced AI safety, complex ML inference, policy engines

Example configuration:

plugins:
  - name: "OPAPluginFilter"
    kind: "external"
    priority: 10
    mcp:
      proto: STREAMABLEHTTP
      url: http://localhost:8000/mcp

Getting Started¶

Using Native Plugins¶

Choose plugins from the catalog above
Add configuration to plugins/config.yaml
Set PLUGINS_ENABLED=true in .env
Restart the gateway: make dev

Using External Plugins¶

Build the external plugin: cd plugins/external/opa && make build
Start the plugin server: make start
Configure gateway to use external plugin in plugins/config.yaml
Restart the gateway: make dev

Plugin Development¶

To create your own plugin, see:

Support & Contributing¶

Documentation: Plugin Framework Guide
Issues: GitHub Issues
Contributing: Follow plugin structure guidelines and include comprehensive tests

For plugin-specific questions, consult the README in each plugin directory.