Current focus
Building trustworthy open-source middleware that helps developers use AI agents productively while keeping risky tool access explicit, reviewable, and local.
Maintainer of SecureMCP-Lite, focused on practical open-source infrastructure for safer AI workflows, tighter MCP boundaries, and developer-first security tooling.
MCP makes local tools much more powerful. That power is useful, but it also raises the cost of weak defaults. SecureMCP-Lite exists to put a boring, inspectable policy layer in front of MCP tool calls before they hit the real server.
Minimal scope, strong defaults, readable code, credible docs, and practical workflows that real teams can adopt without introducing a platform-sized maintenance burden.
The best place to track progress is the repository itself: issues, releases, docs updates, demo scenarios, and compatibility notes should all stay visible in the open.