MCP (Model Context Protocol)

Scan MCP tool calls via interven-mcp-guard. Works with Claude Desktop, Cursor, Cline, and any MCP client.

@interven/mcp-guard is an MCP server that scans every tools/call through Interven before it executes. Drop it into your MCP client configuration and every tool call gets policy + risk evaluation.

Install

npm install -g @interven/mcp-guard

Or run directly:

npx @interven/mcp-guard

Configure with Claude Desktop

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "interven-guard": {
      "command": "npx",
      "args": ["@interven/mcp-guard"],
      "env": {
        "INTERVEN_API_KEY": "iv_live_YOUR_KEY"
      }
    }
  }
}

Configure with Cursor / Cline

Same pattern: add the MCP server to your IDE's MCP configuration with the INTERVEN_API_KEY environment variable.

Proxy Mode

For full interception of an existing MCP server's tool calls, use proxy mode:

npx @interven/mcp-guard proxy -- npx @your-org/your-mcp-server

This spawns your MCP server as a child process and intercepts every tools/call JSON-RPC message. The agent sees the same tools, but each call is scanned before execution.

{
  "mcpServers": {
    "guarded-server": {
      "command": "npx",
      "args": ["@interven/mcp-guard", "proxy", "--", "npx", "@your-org/your-mcp-server"],
      "env": {
        "INTERVEN_API_KEY": "iv_live_YOUR_KEY"
      }
    }
  }
}

Environment Variables

| Variable | Default | Description |
|---|---|---|
| INTERVEN_API_KEY | (none) | API key (required) |
| INTERVEN_GATEWAY_URL | https://api.intervensecurity.com | Cloud endpoint |
| INTERVEN_FAIL_OPEN | 0 | Set to 1 to forward on scan error |

Exposed MCP Tools

The guard exposes two tools to the LLM:

  • interven_scan: manually scan a tool call before execution
  • interven_scan_response: scan a response body for exfiltration correlation

Exposed MCP Resources

  • interven://about: context about Interven for the LLM to understand the guard

Decisions

| Decision | MCP behavior |
|---|---|
| ALLOW | Tool call proceeds normally |
| DENY | Returns error content with reason codes |
| SANITIZE | Rewrites tool arguments with redacted values |
| REQUIRE_APPROVAL | Returns message with approval ID; blocks until approved |
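
How the four decisions and the INTERVEN_FAIL_OPEN setting can map onto a single tools/call JSON-RPC message in proxy mode, as an added example that is not the @interven/mcp-guard source. The scan callback, its verdict fields, the tool names and the reason code are assumptions; REQUIRE_APPROVAL here returns the approval ID without implementing the wait.

```javascript
// Added illustration, not @interven/mcp-guard source. The scan() callback and
// its verdict shape {decision, reasons, args, approvalId} are assumptions.
function blocked(id, text) {
  // MCP tool errors travel inside result with isError, not as a JSON-RPC error
  return { jsonrpc: "2.0", id, result: { isError: true, content: [{ type: "text", text }] } };
}

// Returns {forward} to hand to the child server, or {reply} to answer the client.
async function guard(msg, scan, failOpen = false) {
  if (msg.method !== "tools/call") return { forward: msg }; // only tool calls are scanned
  let v;
  try {
    v = await scan(msg.params.name, msg.params.arguments ?? {});
  } catch (err) {
    // Scan error: block unless fail-open was chosen (INTERVEN_FAIL_OPEN=1)
    return failOpen ? { forward: msg } : { reply: blocked(msg.id, "scan failed, call blocked") };
  }
  switch (v.decision) {
    case "ALLOW":
      return { forward: msg };
    case "SANITIZE": // forward the redacted arguments, never the originals
      return { forward: { ...msg, params: { ...msg.params, arguments: v.args } } };
    case "DENY":
      return { reply: blocked(msg.id, `denied: ${v.reasons.join(", ")}`) };
    case "REQUIRE_APPROVAL": // waiting for the approval is out of scope here
      return { reply: blocked(msg.id, `approval required: ${v.approvalId}`) };
    default: // unknown verdicts are treated as a block
      return { reply: blocked(msg.id, "unrecognized decision, call blocked") };
  }
}

// Constructed stand-in policy; tool names and reason code are invented for the demo.
async function demoScan(name, args) {
  if (name === "flaky_tool") throw new Error("gateway timeout");
  if (name === "delete_repo") return { decision: "DENY", reasons: ["DESTRUCTIVE_ACTION"] };
  if (name === "send_payment") return { decision: "REQUIRE_APPROVAL", approvalId: "apr_demo_1" };
  const body = String(args.body ?? "");
  if (/iv_live_\w+/.test(body))
    return { decision: "SANITIZE", args: { ...args, body: body.replace(/iv_live_\w+/g, "[REDACTED]") } };
  return { decision: "ALLOW" };
}

// Constructed tools/call request carrying a key-shaped string in its arguments
const sample = { jsonrpc: "2.0", id: 7, method: "tools/call",
  params: { name: "http_post", arguments: { body: "token=iv_live_abc123" } } };
guard(sample, demoScan).then((r) => console.log(JSON.stringify(r)));
```

With the default fail-closed setting, a scanner outage turns into blocked tool calls; setting fail-open trades that availability cost for unscanned calls during the outage.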