Peta Core
The Control Plane for MCP — secure vault, managed runtime, audit trail, and policy-based approvals.
What is Peta Core?
Peta Core is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to control plane for mcp — secure vault, managed runtime, audit trail, and policy-based approvals.
The Control Plane for MCP — secure vault, managed runtime, audit trail, and policy-based approvals.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- The Control Plane for MCP — secure vault, managed runtime, a
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx peta-coreConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Peta Core
Peta Core is an enterprise-grade control plane for MCP deployments that acts as a secure gateway between AI agents and the MCP servers they consume. It provides server-side credential injection (so API keys are never exposed to the agent), a policy engine with per-user and per-tool access controls, comprehensive audit logging of every tool call, and an approval workflow for sensitive operations. Teams use it to centrally govern which tools each agent can access, enforce rate limits, and maintain a tamper-proof audit trail — all without modifying individual MCP servers.
Prerequisites
- Node.js 18 or later
- PostgreSQL 15 or later for policy and audit storage
- TypeScript 5.0 or later (for building from source)
- An MCP client such as Claude Desktop or Claude Code that supports remote MCP endpoints
- Docker and Docker Compose (recommended for production deployment)
Clone and review the repository
Clone the Peta Core repository from GitHub and read the deployment documentation to understand configuration options.
git clone https://github.com/dunialabs/peta-core.git
cd peta-coreConfigure environment variables
Copy the example environment file and fill in your PostgreSQL connection string, JWT secret, and any credential vault entries for downstream MCP servers. Refer to docs/deployment.md for a full variable reference.
cp .env.example .env
# Edit .env with your values:
# DATABASE_URL=postgresql://user:pass@localhost:5432/petacore
# JWT_SECRET=your-secret-key
# PORT=4000Start Peta Core with Docker Compose
Use the provided Docker Compose file to start Peta Core along with its PostgreSQL dependency. The gateway listens on port 4000 by default.
docker compose up -d
# Verify it is running:
curl http://localhost:4000/healthRegister downstream MCP servers
Use the Peta Core admin API or dashboard to register each MCP server you want to proxy. Assign a server ID, endpoint URL, and store credentials in the vault so the gateway can inject them at call time.
Define access policies
Create per-user or per-role policies that control which tools agents can invoke. Peta Core supports FLAT (all tools visible), HYBRID, and STRICT discovery modes along with role-based and attribute-based controls.
Point your MCP client at the Peta Core gateway
Update your MCP client configuration to target the Peta Core gateway endpoint instead of individual servers. Tool calls are routed using namespaced identifiers in the format serverId::toolName.
{
"mcpServers": {
"peta": {
"command": "npx",
"args": ["-y", "peta-core"],
"env": {
"PETA_GATEWAY_URL": "http://localhost:4000",
"PETA_AUTH_TOKEN": "<your-agent-jwt>"
}
}
}
}Peta Core Examples
Client configuration
Configure your MCP client to connect through Peta Core. The gateway handles credential injection, policy evaluation, and audit logging transparently.
{
"mcpServers": {
"peta-core": {
"command": "npx",
"args": ["-y", "peta-core"],
"env": {
"PETA_GATEWAY_URL": "http://localhost:4000",
"PETA_AUTH_TOKEN": "<your-agent-jwt>"
}
}
}
}Prompts to try
Once agents are connected through Peta Core, these prompts exercise gateway discovery and access-control features.
- "Search for available tools related to file management."
- "Describe the parameters for the github::create_issue tool."
- "Execute the database::run_query tool with this SQL statement."
- "Show me the audit log for my last 10 tool calls."
- "Which tools require manager approval before I can use them?"Troubleshooting Peta Core
Tool calls return 403 Forbidden even though the server is registered.
Check the agent's JWT token claims against the policy rules configured for that user or role. In STRICT discovery mode, tools not explicitly granted are hidden and return 403. Review docs/reference.md and add the appropriate policy grant for the tool.
PostgreSQL connection errors on startup.
Verify DATABASE_URL in your .env is correct and that PostgreSQL 15 is running and accessible. Run 'docker compose logs peta-core' to see the exact error. Ensure the database user has CREATE TABLE privileges for the initial migration.
Downstream MCP server credentials are not being injected.
Confirm the credential entry in the Peta Core vault is linked to the correct server ID. Credentials are decrypted and injected at execution time, so the vault entry must match the serverId used in tool namespacing (serverId::toolName).
Frequently Asked Questions about Peta Core
What is Peta Core?
Peta Core is a Model Context Protocol (MCP) server that control plane for mcp — secure vault, managed runtime, audit trail, and policy-based approvals. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Peta Core?
Follow the installation instructions on the Peta Core GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Peta Core?
Peta Core works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Peta Core free to use?
Yes, Peta Core is open source and available under the NOASSERTION license. You can use it freely in both personal and commercial projects.
Peta Core Alternatives — Similar Security Servers
Looking for alternatives to Peta Core? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Peta Core in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Peta Core?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.