Skip to main content

McpMonitor

llmtrace_security::mcp_monitor

Struct McpMonitor 

Source 
pub struct McpMonitor { /* private fields */ }
Expand description

MCP Protocol Security Monitor.

Tracks registered MCP servers and their tools, validates server trust, detects injection in tool schemas and responses, and flags exfiltration attempts.

Implementations§

Source§

impl McpMonitor

Source

pub fn new(config: McpMonitorConfig) -> Self

Create a new monitor from the given configuration.

Source

pub fn with_defaults() -> Self

Create a monitor with sensible defaults.

Source

pub fn register_server( &mut self, uri: &str, name: &str, tools: HashMap<String, String>, ) -> Result<(), Vec<McpSecurityViolation>>

Register an MCP server and its tools.

Returns an error if the server is not on the allowlist, or if any tool triggers a security violation (shadowing, schema injection, etc.).

Source

pub fn validate_server(&self, uri: &str) -> ServerValidation

Validate whether a server URI is on the allowlist.

Source

pub fn validate_tool_schema( &self, _tool_name: &str, description: &str, param_descriptions: &[&str], ) -> SchemaValidation

Scan a tool’s description and parameter descriptions for injection patterns.

Source

pub fn detect_tool_shadowing( &self, tool_name: &str, server_uri: &str, ) -> Option<ShadowingAlert>

Detect if a tool name is already registered by a different server.

Source

pub fn validate_tool_response( &self, _tool_name: &str, response_content: &str, ) -> ResponseValidation

Validate a tool’s response content for injection and exfiltration.

Source

pub fn scan_for_injection(&self, text: &str) -> Vec<InjectionIndicator>

Scan arbitrary text for instruction-like injection patterns.

Source

pub fn check_exfiltration_indicators( &self, content: &str, ) -> Vec<ExfiltrationIndicator>

Check text for data-exfiltration indicators (URLs, base64 blocks, etc.).

Source

pub fn to_security_findings( &self, violations: &[McpSecurityViolation], ) -> Vec<SecurityFinding>

Convert a list of MCP violations into SecurityFinding values for the LLMTrace pipeline.

Source

pub fn server_count(&self) -> usize

Number of registered servers.

Source

pub fn tool_count(&self) -> usize

Number of tracked tool-to-server ownership entries.

Trait Implementations§

Source§

impl Debug for McpMonitor

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V