PSM Gateway FAQs

Question 1

Does PSM Gateway provide audit logs for tool calls?

Accepted Answer

Yes, it generates automated JSONL audit logs for every tool call, recording outcomes (allowed, blocked, rate-limited, error), duration, and any detected threats. Crucially, it includes automatic credential redaction for sensitive argument values like tokens and passwords.

Question 2

Is PSM Gateway compatible with existing MCP clients and servers?

Accepted Answer

Absolutely. It starts as an MCP server itself (e.g., via stdio transport) and then spawns and proxies all configured upstream MCP servers. Clients see a unified tool list, and all security policies are applied transparently without requiring modifications to your AI coding assistants or upstream servers.

Question 3

What kind of security policies can I enforce with PSM Gateway?

Accepted Answer

PSM Gateway offers a multi-stage policy engine allowing you to define tool allow/block lists, specify blocked patterns in arguments, restrict file paths, and set rate limits per server. These policies are evaluated in a strict order, stopping any non-compliant requests.

Question 4

How does PSM Gateway protect against injection attacks?

Accepted Answer

It employs comprehensive detection capabilities against numerous attack patterns, including 8 types of path traversal, 7 types of shell injection, 6 types of SQL injection, and 2 types of command substitution. Any detected threat triggers a block, preventing the malicious call from reaching upstream servers.

Question 5

What is PSM Gateway and what problem does it solve?

Accepted Answer

PSM Gateway is a transparent security proxy for the Model Context Protocol (MCP). It intercepts all MCP traffic between AI clients and servers to enforce security policies, block various injection attacks, and log audit trails, addressing the critical security vulnerabilities prevalent in MCP server implementations.

PSM Gateway

PSM Gateway

Key Features

Use Cases

Key Features

Use Cases