arbit 0.18.0

Security proxy for MCP (Model Context Protocol) — auth, rate limiting, payload filtering, and audit logging between AI agents and MCP servers
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

transport:
  type: stdio
  server: ["npx", "-y", "@modelcontextprotocol/server-filesystem", "/tmp/mcp-test"]

audit:
  type: sqlite
  path: "gateway-audit-stdio.db"

agents:
  cursor:
    allowed_tools:
      - read_file
      - list_directory
    rate_limit: 30

  claude-code:
    denied_tools:
      - write_file
      - delete_file
    rate_limit: 60

  # Tight rate limit — for rate limit exhaustion test
  rate-test:
    allowed_tools:
      - read_file
    rate_limit: 2

rules:
  block_patterns:
    - "password"
    - "api_key"
    - "secret"
    - "Bearer "
    - "private_key"