ActionFence: A drop-in middleware for MCP servers to enforce spend caps and policy limits
As we all start giving agents more powerful tools, securing the server side has become a headache. I kept seeing enterprise gateway solutions, but nothing that was just a simple npm install for a solo dev.
So I built ActionFence — an open-source, embeddable firewall specifically designed to sit in front of your MCP servers (and Express APIs).
You wrap your server with one line of code: withGuard(server, { policy: './guard-policy.json' })
Your guard-policy.json acts like a robots.txt for agents. It lets you enforce:
• Identity tiers: Restrict certain tools to anonymous vs. token vs. verified JWT.
• Rate limiting: Prevent agents from looping and spamming your endpoints.
It also logs every decision into an append-only SQLite database as a hash-chained receipt, so you have cryptographic proof of why an action was allowed or blocked.
There is also a simulation CLI (npx actionfence simulate) so you can dry-run your policies before agents hit them. Would love to hear from this community if there are specific MCP edge cases I should handle in v0.2!
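How a hash-chained receipt log like the one described in the post can be verified, as an added example that is not ActionFence's own code: the receipt fields, the all-zero genesis value and the function names are assumptions, and an in-memory array stands in for the SQLite table. It also compares the head hash with a copy kept outside the database, because a chain on its own cannot reveal a full rewrite or a truncated tail.

```javascript
const { createHash } = require('node:crypto');

const GENESIS = '0'.repeat(64); // prevHash of the first receipt (assumed convention)

// Hash a fixed-order field array so the serialization is deterministic.
function receiptHash(r) {
  const canonical = JSON.stringify(
    [r.seq, r.ts, r.tool, r.identity, r.decision, r.reason, r.prevHash]);
  return createHash('sha256').update(canonical).digest('hex');
}

// Append a decision; each receipt commits to the hash of the one before it.
function appendReceipt(chain, fields) {
  const prevHash = chain.length ? chain[chain.length - 1].hash : GENESIS;
  const r = { seq: chain.length, ...fields, prevHash };
  r.hash = receiptHash(r);
  chain.push(r);
  return r.hash;
}

// Walk the chain and report the first receipt that fails a check.
// anchoredHead (optional) is a head hash stored somewhere the database
// writer cannot modify, e.g. a separate log host (hypothetical setup).
function verifyChain(chain, anchoredHead) {
  let prev = GENESIS;
  for (let i = 0; i < chain.length; i++) {
    const r = chain[i];
    if (r.seq !== i) return { ok: false, brokenAt: i, reason: 'sequence gap' };
    if (r.prevHash !== prev) return { ok: false, brokenAt: i, reason: 'broken link' };
    if (receiptHash(r) !== r.hash) return { ok: false, brokenAt: i, reason: 'content altered' };
    prev = r.hash;
  }
  if (anchoredHead !== undefined && prev !== anchoredHead)
    return { ok: false, brokenAt: chain.length - 1, reason: 'head does not match anchor' };
  return { ok: true, brokenAt: -1, reason: 'intact' };
}

// Constructed sample decisions, not real ActionFence output.
const SAMPLE = [
  { ts: 1700000000, tool: 'search', identity: 'anonymous', decision: 'allow', reason: 'tier ok' },
  { ts: 1700000005, tool: 'purchase', identity: 'anonymous', decision: 'block', reason: 'tier too low' },
  { ts: 1700000009, tool: 'purchase', identity: 'jwt', decision: 'allow', reason: 'tier ok' },
];
function buildChain(decisions) {
  const chain = [];
  for (const d of decisions) appendReceipt(chain, d);
  return chain;
}
```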