Peta Core

v1.0.0Securitystable

The Control Plane for MCP — secure vault, managed runtime, audit trail, and policy-based approvals.

aiagentauthentication-middlewaredeveloper-toolsfunction-callinggateway
Share:
49
Stars
0
Downloads
0
Weekly
0/5

What is Peta Core?

Peta Core is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to control plane for mcp — secure vault, managed runtime, audit trail, and policy-based approvals.

The Control Plane for MCP — secure vault, managed runtime, audit trail, and policy-based approvals.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • The Control Plane for MCP — secure vault, managed runtime, a

Use Cases

Secure MCP tool access with vault, policy approvals, and audit trails
Manage authentication, JWT, and runtime governance for agents
dunialabs

Maintainer

LicenseNOASSERTION
Languagetypescript
Versionv1.0.0
UpdatedMay 18, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx peta-core

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Peta Core

Peta Core is an enterprise-grade control plane for MCP deployments that acts as a secure gateway between AI agents and the MCP servers they consume. It provides server-side credential injection (so API keys are never exposed to the agent), a policy engine with per-user and per-tool access controls, comprehensive audit logging of every tool call, and an approval workflow for sensitive operations. Teams use it to centrally govern which tools each agent can access, enforce rate limits, and maintain a tamper-proof audit trail — all without modifying individual MCP servers.

Prerequisites

  • Node.js 18 or later
  • PostgreSQL 15 or later for policy and audit storage
  • TypeScript 5.0 or later (for building from source)
  • An MCP client such as Claude Desktop or Claude Code that supports remote MCP endpoints
  • Docker and Docker Compose (recommended for production deployment)
1

Clone and review the repository

Clone the Peta Core repository from GitHub and read the deployment documentation to understand configuration options.

git clone https://github.com/dunialabs/peta-core.git
cd peta-core
2

Configure environment variables

Copy the example environment file and fill in your PostgreSQL connection string, JWT secret, and any credential vault entries for downstream MCP servers. Refer to docs/deployment.md for a full variable reference.

cp .env.example .env
# Edit .env with your values:
# DATABASE_URL=postgresql://user:pass@localhost:5432/petacore
# JWT_SECRET=your-secret-key
# PORT=4000
3

Start Peta Core with Docker Compose

Use the provided Docker Compose file to start Peta Core along with its PostgreSQL dependency. The gateway listens on port 4000 by default.

docker compose up -d
# Verify it is running:
curl http://localhost:4000/health
4

Register downstream MCP servers

Use the Peta Core admin API or dashboard to register each MCP server you want to proxy. Assign a server ID, endpoint URL, and store credentials in the vault so the gateway can inject them at call time.

5

Define access policies

Create per-user or per-role policies that control which tools agents can invoke. Peta Core supports FLAT (all tools visible), HYBRID, and STRICT discovery modes along with role-based and attribute-based controls.

6

Point your MCP client at the Peta Core gateway

Update your MCP client configuration to target the Peta Core gateway endpoint instead of individual servers. Tool calls are routed using namespaced identifiers in the format serverId::toolName.

{
  "mcpServers": {
    "peta": {
      "command": "npx",
      "args": ["-y", "peta-core"],
      "env": {
        "PETA_GATEWAY_URL": "http://localhost:4000",
        "PETA_AUTH_TOKEN": "<your-agent-jwt>"
      }
    }
  }
}

Peta Core Examples

Client configuration

Configure your MCP client to connect through Peta Core. The gateway handles credential injection, policy evaluation, and audit logging transparently.

{
  "mcpServers": {
    "peta-core": {
      "command": "npx",
      "args": ["-y", "peta-core"],
      "env": {
        "PETA_GATEWAY_URL": "http://localhost:4000",
        "PETA_AUTH_TOKEN": "<your-agent-jwt>"
      }
    }
  }
}

Prompts to try

Once agents are connected through Peta Core, these prompts exercise gateway discovery and access-control features.

- "Search for available tools related to file management."
- "Describe the parameters for the github::create_issue tool."
- "Execute the database::run_query tool with this SQL statement."
- "Show me the audit log for my last 10 tool calls."
- "Which tools require manager approval before I can use them?"

Troubleshooting Peta Core

Tool calls return 403 Forbidden even though the server is registered.

Check the agent's JWT token claims against the policy rules configured for that user or role. In STRICT discovery mode, tools not explicitly granted are hidden and return 403. Review docs/reference.md and add the appropriate policy grant for the tool.

PostgreSQL connection errors on startup.

Verify DATABASE_URL in your .env is correct and that PostgreSQL 15 is running and accessible. Run 'docker compose logs peta-core' to see the exact error. Ensure the database user has CREATE TABLE privileges for the initial migration.

Downstream MCP server credentials are not being injected.

Confirm the credential entry in the Peta Core vault is linked to the correct server ID. Credentials are decrypted and injected at execution time, so the vault entry must match the serverId used in tool namespacing (serverId::toolName).

Frequently Asked Questions about Peta Core

What is Peta Core?

Peta Core is a Model Context Protocol (MCP) server that control plane for mcp — secure vault, managed runtime, audit trail, and policy-based approvals. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Peta Core?

Follow the installation instructions on the Peta Core GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Peta Core?

Peta Core works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Peta Core free to use?

Yes, Peta Core is open source and available under the NOASSERTION license. You can use it freely in both personal and commercial projects.

Peta Core Alternatives — Similar Security Servers

Looking for alternatives to Peta Core? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "peta-core": { "command": "npx", "args": ["-y", "peta-core"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Peta Core?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides