MCP Server
SafeLLM includes a built-in MCP stdio server with a plugin architecture. It exposes core security capabilities as tools that can be called from MCP clients.
Why MCP in SafeLLM
- Reuse the SafeLLM detection stack outside the HTTP gateway path.
- Keep one policy engine for APISIX traffic and agent workflows.
- Extend capabilities via plugin-style MCP tools.
Built-in tools
safellm.guard_decide
- Runs the full input pipeline (cache -> keywords -> PII -> AI guard when enabled).
- Inputs: prompt, uri, optional request_id.

safellm.pii_scan
- Runs the PII layer only.
- Inputs: text, optional request_id.

safellm.dlp_scan
- Runs the output DLP scanner.
- Inputs: text, optional mode (block|anonymize|log).
Run server (OSS)
From safellm-oss:

source .venv/bin/activate
python -m sidecar.mcp

Run server (Enterprise)
From safellm-enterprise/safellm:

source .venv/bin/activate
python -m sidecar.mcp

JSON-RPC methods
- initialize
- ping
- tools/list
- tools/call
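A small stdio client that drives the methods listed above and calls safellm.guard_decide with the inputs listed under "Built-in tools". This is an added example, not code from the SafeLLM project. It assumes the newline-delimited framing the smoke test below uses and the common MCP tools/call argument shape ({"name", "arguments"}), neither of which this page spells out; the sample prompt is constructed.

```python
from __future__ import annotations
import json
import subprocess
import sys
from typing import Any

# Framing assumed from the smoke test: one JSON-RPC 2.0 object per line; the tools/call
# argument shape ({"name", "arguments"}) is also assumed, not taken from this page.

def make_request(req_id: int, method: str, params: dict[str, Any] | None = None) -> dict[str, Any]:
    """Build one JSON-RPC 2.0 request for the methods the server exposes."""
    return {"jsonrpc": "2.0", "id": req_id, "method": method, "params": params or {}}

def guard_decide_request(req_id: int, prompt: str, uri: str, request_id: str | None = None) -> dict[str, Any]:
    """tools/call for safellm.guard_decide with the documented inputs (request_id is optional)."""
    args: dict[str, Any] = {"prompt": prompt, "uri": uri}
    if request_id is not None:
        args["request_id"] = request_id
    return make_request(req_id, "tools/call", {"name": "safellm.guard_decide", "arguments": args})

def encode(requests: list[dict[str, Any]]) -> str:
    """Serialise requests as newline-delimited JSON, the way the printf smoke test feeds stdin."""
    return "".join(json.dumps(r) + "\n" for r in requests)

def parse_responses(raw: str) -> dict[int, Any]:
    """Index responses by id; a JSON-RPC error object is raised rather than silently dropped."""
    results: dict[int, Any] = {}
    for line in raw.splitlines():
        if not line.strip():
            continue
        msg = json.loads(line)
        if "error" in msg:
            raise RuntimeError(f"request {msg.get('id')} failed: {msg['error']}")
        results[msg["id"]] = msg.get("result")
    return results

def run_session(requests: list[dict[str, Any]], cmd: tuple[str, ...] = (sys.executable, "-m", "sidecar.mcp")) -> dict[int, Any]:
    """Pipe the requests through the stdio server (run from safellm-oss with the venv active)."""
    proc = subprocess.run(cmd, input=encode(requests), capture_output=True, text=True, check=True)
    return parse_responses(proc.stdout)

if __name__ == "__main__":
    # Constructed sample prompt: a fake SSN so the PII layer has something to flag.
    session = run_session([
        make_request(1, "initialize"),
        make_request(2, "tools/list"),
        guard_decide_request(3, "My SSN is 123-45-6789", "/v1/chat/completions", "demo-1"),
    ])
    for rid, result in sorted(session.items()):
        print(rid, json.dumps(result)[:200])
```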
Quick smoke test
printf '%s\n%s\n' \
  '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{}}' \
  '{"jsonrpc":"2.0","id":2,"method":"tools/list","params":{}}' \
  | python -m sidecar.mcp

Plugin architecture details
Core plugin API lives in:
- sidecar/mcp/base.py
- sidecar/mcp/registry.py
Built-in plugin implementations:
- sidecar/mcp/plugins/security.py
Server bootstrap and stdio runtime:
- sidecar/mcp/server.py
- sidecar/mcp/__main__.py
To add custom tools, implement MCPToolPlugin, register it in MCPToolRegistry, and expose it during server bootstrap.
Reference deployment
- Docs: /deployments/mcp-reference/
- Repo folder: safellm-oss/examples/mcp-reference/