Agent Prompt Injection Firewall MCP

WAF for AI agents — block prompt injection before it reaches the LLM

Agents that blindly forward user input + retrieved documents to other agents are the #1 production AI vulnerability (OWASP LLM01). This MCP is the pre-flight gate.

By MEOK AI Labs.

Quick Install

Client	Install
Claude Desktop
Cursor
VS Code
Windsurf
Docker	`docker run -p 8000:8000 agent-prompt-injection-firewall-mcp`
pip	`pip install agent-prompt-injection-firewall-mcp`

Install

pip install agent-prompt-injection-firewall-mcp

Tools

scan_prompt
define_custom_rule
list_rules
scan_log
sign_firewall_attestation

Claude Desktop

{
  "mcpServers": {
    "agentpromptinjectionfirewall": { "command": "agent-prompt-injection-firewall-mcp" }
  }
}

Tiers

Free — generous daily limit (100-1,000 depending on operation)
Pro £199/mo — unlimited + signed HMAC attestations with public verify URLs — subscribe
Enterprise £1,499/mo — multi-tenant + custom predicate DSL + SIEM webhook push — subscribe

Why this exists

The EU AI Act (Aug 2026), DORA (live), ISO 42001, and OWASP LLM01 Top-10 all demand runtime controls for agent systems — not just deployment-time audits. This MCP is that runtime control layer, emitting cryptographically signed evidence your auditor accepts.

Related MEOK A2A MCPs

agent-policy-enforcement-mcp — per-pair IAM
agent-handoff-certified-mcp — signed delegation chain
agent-prompt-injection-firewall-mcp — prompt injection WAF
agent-rate-limiter-mcp — fleet-wide quota
agent-audit-logger-mcp — hash-chained signed log
a2a-governance-bridge-mcp — map A2A to compliance frameworks
meok-attestation-verify — independent cert verifier

License

MIT — MEOK AI Labs, 2026.

Agent Prompt Injection Firewall MCP