MCP Boundary by Impact Boundary Labs

Local MCP action boundary

Control MCP tool calls before they change real systems.

Wrap local command-based MCP servers, inspect discovered tools, and route concrete tool calls through policy and runtime checks before downstream execution.

Use MCP Boundary when an agent can act through MCP tools and you want a visible boundary before real changes happen.

Download MCP BoundaryGet started

Tool-call path

Agent
MCP Boundary
Policy + runtime check
Downstream MCP server
Outcome recorded

Download

Download MCP Boundary v0.1.0.

Windows and Linux packages are available with SHA-256 checksums.

Windows .zip

mcpboundary-v0.1.0-windows-amd64.zip · 3.7 MB

sha256:6c09fa65b5f797bba435fa9fe69f6f92091429417487fef58da8a4bcccf2d21e
Download

Linux .tar.gz

mcpboundary-v0.1.0-linux-amd64.tar.gz · 3.8 MB

sha256:c64af0b5720f69e505e98f2e20995566f9cdfc28e41b18449b7c8bee21983ce4
Download
ChecksumsRelease notes fileChangelog

Download links count aggregate website events. Local tool lists, policies, activity logs, and downstream results are not sent back to Impact Boundary Labs by MCP Boundary.

Getting started

Extract the package, run quickstart, check the dashboard.

The v0.1.0 package includes a local email demo that runs without provider credentials or a real inbox.

Step 1

Download and extract

Use the Windows ZIP or Linux tarball for v0.1.0.

Step 2

Run quickstart

Start the local email demo from the extracted folder.

Step 3

Check the dashboard

Inspect tools, policy decisions, and activity before real effects.

Terminalgetting started
mcpboundary quickstart email

Works with local command-based MCP servers. Remote and login-heavy servers need separate support.

From an extracted Windows folder, run .\mcpboundary.exe quickstart email. From Linux, run ./mcpboundary quickstart email. If the binary is on PATH, use the shorter command above. Open the local dashboard at http://127.0.0.1:8799.

Product visual

A local dashboard for the run.

Inspect Setup, Tools, Activity, and Policy. See which tools are visible to the agent, which calls were blocked or allowed, and whether downstream execution happened.

OverviewSetupToolsActivityPolicy
Open interactive demo
127.0.0.1:8799
MCP Boundary dashboard showing setup, tools, activity, and policy views

Swipe to inspect the dashboard preview.

Click through the local dashboard.
Inspect discovered MCP tools.
See policy decisions before downstream execution.
Check activity after each tool call.

What it does

MCP Boundary can:

  • wrap a local MCP server
  • discover tools through initialize and tools/list
  • show the tool surface in a dashboard
  • hide tools from the agent
  • allow or block concrete tool calls
  • apply policy and technical limits
  • limit timeouts and response sizes
  • record activity and downstream outcomes
  • return feedback the agent can act on

Known limits

MCP Boundary is not:

  • a full enterprise security gateway
  • a DLP system
  • a prompt-injection detector
  • an automatic semantic safety engine for every MCP server
  • a replacement for code review, database permissions, or email approval processes
  • a hosted remote MCP gateway

Compatibility

Works best with local command-based MCP servers.

If your MCP client can start the server with a local command, MCP Boundary can usually wrap it. Remote and login-heavy servers need separate support.

Works best with

  • local command-based MCP servers
  • stdio transport
  • servers started with command + args
  • npx, uvx, python, node, local binaries, or similar
  • servers that support initialize and tools/list
  • workflows where tool calls should be visible, restricted, or logged

Not ideal yet for

  • remote OAuth-heavy MCP servers
  • servers that require interactive login during startup
  • servers that write logs to stdout
  • non-standard transports
  • servers that only work inside one specific client

Early Access Setup

€139 one-time for the first 15 setup slots.

For builders and small teams working with real MCP servers or agent-tool workflows.

Includes one focused setup session for one real MCP workflow.

We help you wrap one existing MCP server or workflow, inspect the available tools, define one guarded profile, and document which actions should be allowed, reviewed, or blocked.

Not a managed hosting plan, security audit, or custom OAuth/provider integration. It is a focused setup to test MCP Boundary on one real agent-tool workflow.

Reserve a €139 setup slot

Give feedback

MCP Boundary runs locally. Feedback still matters.

MCP Boundary does not send your local MCP server config, discovered tools, policy files, activity logs, or downstream results back to Impact Boundary Labs. The public website may count release downloads in aggregate, and feedback you send by email is processed so we can improve the product.

Give feedbackPrivacy details

Docs and support

More detail when you need it.

Getting started guideCompatibilityKnown limitationsRelease notesArchitecture notesPolicy examplesGive feedback

Before using MCP Boundary

MCP Boundary is a local-first tool for command-based MCP servers. It is not a DLP system, not a prompt-injection detector, and not a full enterprise security gateway.

Read known limitations →