Add Intercept — open-source MCP policy enforcement proxy

[s-a-m-a-i]

What is Intercept?

Intercept is an open-source enforcement proxy that wraps any MCP server and evaluates every tools/call request against YAML-defined policies before forwarding to the upstream server.

What it does

• Block tools — deny destructive operations like delete_repository
• Rate limit — cap tool calls per minute/hour/day
• Validate arguments — enforce conditions on tool call parameters
• Spending caps — stateful counters for financial operations
• Hide tools — remove tools from tools/list so the agent never sees them
• Audit trail — structured JSONL logging of every decision

How it works

Intercept sits between the MCP client and server at the transport layer. The agent doesn't know it's there — it sees the same tools and schemas. Policy enforcement is deterministic (YAML rules, not prompt-based) and adds sub-millisecond latency.

Agent → [Intercept] → MCP Server
             ↑
         policy.yaml

Install

npx -y @policylayer/intercept -c policy.yaml -- npx -y @modelcontextprotocol/server-github

Also available as a Go binary: go install github.com/policylayer/intercept@latest

License: Apache 2.0
npm: @policylayer/intercept
Website: policylayer.com

[s-a-m-a-i]

Resubmitting from org account