P4ST4S/mcp-audit

Overview

P4ST4S/mcp-audit is a transparent Go proxy that intercepts all MCP tool calls between any client and server. It signs each call and maintains an audit log without requiring modifications to either endpoint.

Best for

Best for
Developers who need to audit or secure MCP tool call interactions without modifying existing systems

Use cases

• Auditing MCP tool calls for compliance or security review
• Signing tool calls to verify integrity and authenticity
• Debugging MCP interactions by capturing call details transparently

Notes

P4ST4S/mcp-audit is a transparent Go proxy that intercepts all MCP tool calls between any client and server. It signs each call and maintains an audit log without requiring modifications to either endpoint.

4 stars on GitHub. Last updated 2026-06-01. Licensed Apache-2.0.

Use cases

• Auditing MCP tool calls for compliance or security review
• Signing tool calls to verify integrity and authenticity
• Debugging MCP interactions by capturing call details transparently

Pros

• Transparent operation: no changes needed to client or server
• Written in Go, offering good performance and easy deployment
• Provides both signing and audit logging in a single tool

Cons

• Small community with only 4 GitHub stars
• Limited to the MCP protocol, not applicable to other APIs
• Introduces proxy latency and a potential single point of failure

Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.