top | item 43331973

Show HN: MCPGod: Fine-grained control over MCP clients, servers, and tools

37 points| gavinuhma | 11 months ago |github.com

Hey everyone, I've wanted an easy way to control which mcp server tools are available to clients. So for example, I might want a gmail server to only expose the read tool (but not send, delete etc).

I figured if I create a cli for spawning mcp servers, I could intercept the stdin, stdout, stderr etc and modify what the clients see when they are making calls to list tools, resources, and prompts.

Well it worked!

In the initial version you can easily add a server to claude with a safe list of tools:

npx -y mcpgod add @modelcontextprotocol/server-everything --client claude --tools=echo,add

Now when you load Claude Desktop, it will only discover the echo and add tools from that server. It's a nice way to keep the agents in line :)

You can check it out here: https://github.com/mcpgod/cli

It will also log everything that a client is doing to ~/mcpgod/logs.

Currently it only has support for claude, but it will be easy to add cursor, cline, windsurf, etc.

With the `tools` command you can list all of a servers tools, and even call a tool directly from the command line, which is pretty fun.

I was thinking it would be nice to create a UI for it to easily enable/disable servers and tools for each client, inspect logs, view analytics, etc.

Thanks for reading!

11 comments

nbbaier|11 months ago

This is nice! I was thinking of writing something like this myself. One thing I ran into though is that Claude Desktop can't connect to the server-everything with the command you listed. This is in the server logs:

  2025-03-11T16:29:00.168Z [@modelcontextprotocol/server-everything] [info] Client transport closed
   ›   Error: Nonexistent flag: --tools echo,add
   ›   See more help with --help

  USAGE
    $ god run [-t <value>]

  FLAGS
    -t, --tools=<value>  Comma separated list of approved tools

Also, there's no logs for ~/mcpgod for me (that folder doesn't even exist)

gavinuhma|11 months ago

Thanks!!

Hrm, re that error: What does “god --version” say?

The log might not show up until you get a successful connection. I’ll look into that.

Thanks for trying it out!

nsonha|11 months ago

I have seen a few of these tools and yet to see usefulness further than not having to edit config manually for each client. Wishlist for something I would use:

- Always run MCP in a sandbox

- If I am gonna browse open source MCP and try them out casually, I need to control permission better than approving tool calling blindly. I prefer to auto approve all calls but control permission for directory access (if run outside of sandbox), or network calls based on configurable criteria

- An UI for tracking of calls

jovezhong|11 months ago

most of the MCP tools use Python env (uvx) or Node or even Java to run ANY CODE on your machine, so even the python virtual env is a sandbox but it's to isolate the dependencies not the file/network access. If you are unlucky, you can still install a malware mcp server to clean up your disk or send your photos to somewhere. MCP servers are just local scripts. There are some permission control from deno but this is not the only runtime engine for MCP server. It'll be cool to have something like Chrome extension permission or iOS/Android permission ask, but I highly doubt this will be available since on your local server, there are just too many ways to run scripts.

gavinuhma|11 months ago

Awesome feedback. I’ll think through this.

The sandbox is spot on; Control what the server can do. Especially important when running locally

Prosammer|11 months ago

Looks cool! Do you see this as something that should be handled by the MCP spec in the future? I'm surprised this isn't built in already.