Available PluginsΒΆ
MCP Context Forge provides a comprehensive collection of production-ready plugins for security, performance, content transformation, and compliance. This page catalogs all available native and external plugins.
Plugin CategoriesΒΆ
- Security & Safety
- Reliability & Performance
- Content Transformation & Formatting
- Content Filtering & Validation
- Compliance & Governance
- Network & Integration
- Policy Enforcement
Security & SafetyΒΆ
Plugins for protecting against security threats, detecting sensitive data, and moderating content.
Plugin | Type | Description |
---|---|---|
PII Filter | Native | Detects and masks sensitive information including SSN, credit cards, and emails with configurable masking strategies |
Secrets Detection | Native | Detects likely credentials/secrets (AWS keys, API keys, JWT tokens, private keys) in inputs and outputs with optional redaction and blocking |
Code Safety Linter | Native | Detects unsafe code patterns in tool outputs (eval, exec, os.system, subprocess, rm -rf) |
Safe HTML Sanitizer | Native | Sanitizes HTML to remove XSS vectors, dangerous tags, event handlers, and bad URL schemes with optional text conversion |
SQL Sanitizer | Native | Detects risky SQL patterns and sanitizes/blocks dangerous statements (DROP, TRUNCATE, DELETE/UPDATE without WHERE) |
Harmful Content Detector | Native | Detects harmful content (self-harm, violence, hate speech) via lexicons and blocks or annotates accordingly |
Content Moderation | Native | Advanced AI-powered content moderation using IBM Watson, IBM Granite Guardian, OpenAI, Azure, or AWS with configurable thresholds and actions |
URL Reputation | Native | Static URL reputation checks using blocked domains and patterns |
VirusTotal Checker | Native | Integrates with VirusTotal v3 to check URLs, domains, IPs, and file hashes before fetching with configurable blocking policies |
LLMGuard | External | Comprehensive AI guardrails utilizing LLM Guard library with filters and sanitizers for input prompts and model outputs. Supports complex policy expressions and vault-based anonymization |
ClamAV Remote | External | External MCP server plugin that scans files and text content using ClamAV for malware detection in resources, prompts, and tool outputs |
Reliability & PerformanceΒΆ
Plugins for improving system reliability, performance, and resource management.
Plugin | Type | Description |
---|---|---|
Circuit Breaker | Native | Trips per-tool breaker on high error rates or consecutive failures and blocks during cooldown |
Watchdog | Native | Enforces maximum runtime for tools with warn or block actions on threshold violations |
Rate Limiter | Native | Fixed-window in-memory rate limiting by user, tenant, or tool |
Cached Tool Result | Native | Caches idempotent tool results in-memory with configurable TTL and key fields |
Response Cache by Prompt | Native | Advisory response cache using cosine similarity over prompt/input fields with configurable threshold |
Retry with Backoff | Native | Annotates retry/backoff policy in metadata with exponential backoff on specific HTTP status codes |
Content Transformation & FormattingΒΆ
Plugins for transforming, formatting, and normalizing content.
Plugin | Type | Description |
---|---|---|
AI Artifacts Normalizer | Native | Normalizes AI artifacts including smart quotes, ligatures, dashes, ellipses; removes bidi/zero-width characters; collapses spacing |
Argument Normalizer | Native | Normalizes user/tool arguments with Unicode normalization, whitespace cleanup, casing strategies, date/number normalization to improve robustness |
Code Formatter | Native | Formats code/text outputs with lightweight normalization (indentation, trailing whitespace, newlines, optional JSON pretty-print) |
HTML to Markdown | Native | Converts HTML resource content to Markdown format |
Markdown Cleaner | Native | Normalizes and tidies Markdown in prompts and resources |
JSON Repair | Native | Conservative JSON string repair for tool outputs |
Summarizer | Native | Summarizes long text using configurable LLM provider (OpenAI, Anthropic) with threshold-based activation |
Timezone Translator | Native | Converts ISO-like timestamps between server and user timezones |
Content Filtering & ValidationΒΆ
Plugins for filtering, validating, and controlling content.
Plugin | Type | Description |
---|---|---|
Deny Filter | Native | Deny list plugin for blocking specific content patterns |
Regex Filter | Native | Search and replace plugin using regex patterns for content filtering |
Resource Filter | Native | Resource filtering with max content size, protocol restrictions, blocked domains, and content pattern replacement |
File Type Allowlist | Native | Allows only configured MIME types and file extensions for resources |
Output Length Guard | Native | Guards tool outputs by length with block or truncate strategies |
Schema Guard | Native | Validates tool arguments and results against JSONSchema subset with optional blocking |
Citation Validator | Native | Validates citations/links by checking reachability and optional content keywords |
Compliance & GovernanceΒΆ
Plugins for ensuring compliance with licenses, regulations, and governance policies.
Plugin | Type | Description |
---|---|---|
Robots License Guard | Native | Honors robots/noai and license meta tags from HTML; blocks or annotates per policy |
License Header Injector | Native | Injects configurable license header into code outputs with language-appropriate comments |
Privacy Notice Injector | Native | Injects configurable privacy notice into rendered prompts (prepend/append or separate message) |
Network & IntegrationΒΆ
Plugins for network operations and external system integration.
Plugin | Type | Description |
---|---|---|
Header Injector | Native | Injects custom HTTP headers for resource fetch requests via payload metadata |
Webhook Notification | Native | Sends HTTP webhook notifications on events, violations, and state changes with customizable templates |
Vault | Native | Generates bearer tokens based on vault-saved tokens for secure authentication |
Policy EnforcementΒΆ
Plugins for enforcing custom policies and business rules.
Plugin | Type | Description |
---|---|---|
OPA Plugin | External | Enforces Rego policies on tool invocations via an OPA server. Allows selective policy application per tool with context injection and customizable policy endpoints |
Plugin TypesΒΆ
Native PluginsΒΆ
Native plugins run in-process within the gateway for maximum performance:
- Location:
plugins/
directory - Language: Python
- Performance: Lowest latency
- Configuration: Fully-qualified class path in
plugins/config.yaml
- Use Cases: PII filtering, input validation, content transformation, business rules
Example configuration:
plugins:
- name: "PIIFilterPlugin"
kind: "plugins.pii_filter.pii_filter.PIIFilterPlugin"
hooks: ["tool_pre_invoke", "tool_post_invoke"]
mode: "enforce"
priority: 50
External PluginsΒΆ
External plugins run as separate MCP servers for independent scaling and isolation:
- Location:
plugins/external/
directory - Protocol: MCP (STDIO or Streamable HTTP)
- Performance: 10-100ms latency (cached: <5ms)
- Configuration:
kind: "external"
with MCP connection details - Use Cases: Advanced AI safety, complex ML inference, policy engines
Example configuration:
plugins:
- name: "OPAPluginFilter"
kind: "external"
priority: 10
mcp:
proto: STREAMABLEHTTP
url: http://localhost:8000/mcp
Getting StartedΒΆ
Using Native PluginsΒΆ
- Choose plugins from the catalog above
- Add configuration to
plugins/config.yaml
- Set
PLUGINS_ENABLED=true
in.env
- Restart the gateway:
make dev
Using External PluginsΒΆ
- Build the external plugin:
cd plugins/external/opa && make build
- Start the plugin server:
make start
- Configure gateway to use external plugin in
plugins/config.yaml
- Restart the gateway:
make dev
Plugin DevelopmentΒΆ
To create your own plugin, see:
Support & ContributingΒΆ
- Documentation: Plugin Framework Guide
- Issues: GitHub Issues
- Contributing: Follow plugin structure guidelines and include comprehensive tests
For plugin-specific questions, consult the README in each plugin directory.