# Quick Start

Protect your MCP servers in under 2 minutes. No code changes required.

SolonGate protects your AI tools and MCP servers from prompt injection, shell execution, path traversal, data exfiltration, and other vulnerabilities that open-source MCP servers introduce. One command, zero code changes.

Option A: MCP Proxy (Recommended)

The fastest way to secure your MCP servers. No code changes, no API keys needed.

1Automatic Setup

Run this in your project directory (where your .mcp.json lives):

bash

1npx @solongate/proxy@latest init --all

This auto-detects your MCP servers, wraps each one with the SolonGate proxy, and saves a backup of your original config.

2Restart Your Client

Restart your MCP client — Claude Code, Claude Desktop, Cursor, Windsurf, Cline, Zed, or any other. Done. Every tool call now passes through SolonGate's security pipeline.

3Verify It Works

Try calling a dangerous tool — it should be blocked:

> shell_exec("rm -rf /")
Error: POLICY_DENIED — "Block shell execution"

> file_read("readme.txt")
"Welcome to..." ✓ Allowed

See the full MCP Proxy documentation for custom policies, rate limiting, and advanced options.

Option B: OpenClaw Plugin

Using OpenClaw? Install the SolonGate plugin to protect all OpenClaw tools automatically.

bash

1npm install @solongate/openclaw-plugin@latest
2export SOLONGATE_API_KEY=sg_live_your_key_here

Add @solongate/openclaw-plugin to your openclaw.yaml plugins list, restart OpenClaw, done.

> exec("rm -rf /")
[SolonGate] DENY — "Block bash/shell execution"

> message("hello!")
ALLOWED ✓

See the full OpenClaw Plugin documentation for configuration, dashboard integration, and all options.

Option C: Inject Protection into Existing Server

Already built your own MCP server? Inject SolonGate protection with one command — no handler changes needed.

1Run Inject

bash

1npx @solongate/proxy@latest inject

Auto-detects your TypeScript project, installs the SDK, and swaps McpServer with SecureMcpServer. Only 2 lines change. A backup is always created.

2Rebuild & Run

bash

1npm run build && npm start

Your tool handlers stay exactly the same. SolonGate wraps them internally with policy evaluation, input guard, and rate limiting.

To undo: npx @solongate/proxy@latest inject --restore. See the MCP Proxy docs for all options.

Introduction MCP Proxy

# Quick Start

Protect your MCP servers in under 2 minutes. No code changes required.

Option A: MCP Proxy (Recommended)

The fastest way to secure your MCP servers. No code changes, no API keys needed.

1Automatic Setup

Run this in your project directory (where your .mcp.json lives):

bash

1npx @solongate/proxy@latest init --all

This auto-detects your MCP servers, wraps each one with the SolonGate proxy, and saves a backup of your original config.

2Restart Your Client

Restart your MCP client — Claude Code, Claude Desktop, Cursor, Windsurf, Cline, Zed, or any other. Done. Every tool call now passes through SolonGate's security pipeline.

3Verify It Works

Try calling a dangerous tool — it should be blocked:

> shell_exec("rm -rf /")
Error: POLICY_DENIED — "Block shell execution"

> file_read("readme.txt")
"Welcome to..." ✓ Allowed

See the full MCP Proxy documentation for custom policies, rate limiting, and advanced options.

Option B: OpenClaw Plugin

Using OpenClaw? Install the SolonGate plugin to protect all OpenClaw tools automatically.

bash

1npm install @solongate/openclaw-plugin@latest
2export SOLONGATE_API_KEY=sg_live_your_key_here

Add @solongate/openclaw-plugin to your openclaw.yaml plugins list, restart OpenClaw, done.

> exec("rm -rf /")
[SolonGate] DENY — "Block bash/shell execution"

> message("hello!")
ALLOWED ✓

See the full OpenClaw Plugin documentation for configuration, dashboard integration, and all options.

Option C: Inject Protection into Existing Server

Already built your own MCP server? Inject SolonGate protection with one command — no handler changes needed.

1Run Inject

bash

1npx @solongate/proxy@latest inject

Auto-detects your TypeScript project, installs the SDK, and swaps McpServer with SecureMcpServer. Only 2 lines change. A backup is always created.

2Rebuild & Run

bash

1npm run build && npm start

Your tool handlers stay exactly the same. SolonGate wraps them internally with policy evaluation, input guard, and rate limiting.

To undo: npx @solongate/proxy@latest inject --restore. See the MCP Proxy docs for all options.