Skip to content
MCP Bridge Docs

Tool Filter

Configure tool filtering with servers.<name>.toolFilter.

  • deny: block listed tools
  • allow: whitelist mode (only listed tools are available)
  • If both are present: effective set is allow - deny

Filtering is applied both when tools are listed and when tools are called.

Example config

Section titled “Example config”
{
  "servers": {
    "github": {
      "transport": "stdio",
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "toolFilter": {
        "allow": ["list_repos", "create_issue", "search_code"],
        "deny": ["delete_repository"]
      }
    },
    "database-admin": {
      "transport": "stdio",
      "command": "node",
      "args": ["./db-admin-server.js"],
      "toolFilter": {
        "deny": ["drop_table", "delete_all_rows"]
      }
    }
  }
}

Common use cases

Section titled “Common use cases”
  • Block destructive operations such as delete_* or drop_*
  • Expose only read-only/search tools to low-trust agents
  • Gradually roll out write-capable tools by explicitly adding to allow