Security Consideration: Add Vedis Security Layer for MCP Servers

[sypherin]

I've been building AI agents with MCP and noticed a common security gap - prompt injection attacks and secret leakage.

I built Vedis to address this - it's a security layer for MCP agents that:

✅ Detects prompt injection attempts - Blocks malicious prompts before they reach your agent
✅ Blocks PII - Emails, phone numbers, SSNs, credit cards
✅ Filters secrets - AWS keys, GitHub tokens, Stripe keys, JWTs, PEM certificates
✅ Enforces tool policies - Control what tools your agents can access

How it works

One config change, zero code changes:

vedis:
  enabled: true
  block_pii: true
  block_secrets: true
  max_tokens: 1000

Why this matters for Microsoft MCP

As the official catalog of Microsoft MCP server implementations, security is critical. Vedis can help protect users from:

• Prompt injection attacks in MCP server implementations
• Accidental secret leakage in server responses
• PII exposure in data access and tool integration

Available at

https://vedis-4nexxwa4vq-as.a.run.app

Pricing

• Free: Basic protection
• $49/mo: Starter (up to 10 agents)
• $199/mo: Pro (unlimited agents)

Would you be interested in integrating Vedis as an optional security layer for MCP servers? I'd be happy to contribute or provide more details.

Thanks!

[github-actions]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @alzimmermsft @anannya03 @anuchandy @g2vinay @microsoft/azure-mcp @xiangyan99.