MCPflareMCPflare

Installation

Get started with MCPflare using the VS Code extension or npx command.

Prerequisites

The VS Code extension provides a visual interface for managing your MCP servers and their security settings.

Install the Extension

  1. Open VS Code
  2. Go to Extensions (Ctrl+Shift+X / Cmd+Shift+X)
  3. Search for "MCPflare"
  4. Click Install

Or install directly from the VS Code Marketplace or Open VSX Registry.

Open MCPflare

Click the shield icon 🛡️ in the activity bar (left sidebar) to open the MCPflare panel.

Auto-Discovery

Your MCP servers are automatically imported from:

  • Claude Code configuration
  • Cursor configuration
  • GitHub Copilot configuration

Enable Protection

Toggle protection on for any MCP you want to secure. Configure network, file system, and resource settings as needed.

Quick Access

Use Ctrl+Shift+P → "MCPflare: Open Settings" to open the panel anytime.

npx Command (Quick Setup)

For users of Cursor, Claude Code, or GitHub Copilot, you can set up MCPflare directly in your IDE configuration.

Add MCPflare to Your IDE Config

Click the button below to install MCPflare in Cursor:

Install MCP Server

To maximize efficiency and security, disable any existing MCPs in your IDE configuration.

Why disable?

  • Efficiency: Without disabling, your IDE loads all MCP tools into the context window, wasting tokens. MCPflare only loads tools lazily when you actually use them.
  • 🔒 Security: Ensures all tool calls route through MCPflare's secure isolation instead of being called directly.

How to disable: Ask your LLM: "Disable all MCPs except mcpflare in my IDE configuration"

This uses MCPflare's guard tool to move MCPs to a special _mcpflare_disabled section in your config file. MCPflare can still discover and use these disabled MCPs through its secure isolation layer.

Don't Remove MCP Entries

Do NOT manually comment out or remove MCP entries from your config file. If you do, MCPflare won't be able to discover them. MCPflare needs the MCP configurations to remain in the file (either active or in the _mcpflare_disabled section) to route tool calls through secure isolation.

Restart Your IDE

Restart your IDE for changes to take effect.

Done!

MCPflare automatically:

  • Discovers all other MCPs configured in your IDE (even disabled ones)
  • Routes all tool calls through secure Worker isolation
  • Lazy-loads MCPs when their tools are actually used

How Transparent Proxy Mode Works

MCPflare automatically:

  1. Discovers all MCPs configured in your IDE (Cursor, Claude Code, or GitHub Copilot)
  2. Lazy-loads tool schemas only when tools are actually called (not upfront)
  3. Routes all tool calls through secure Worker isolation
  4. Auto-loads MCPs when their tools are first used

Example: If you have github MCP configured, MCPflare will:

  • When the LLM calls github::search_repositories, MCPflare automatically loads the GitHub MCP schema and executes the call in isolation
  • All results are returned transparently - the LLM doesn't need to know about the isolation layer
  • Tool schemas are cached after first use for faster subsequent calls

Next Steps

Previous

Introduction

Next

VS Code Extension

On this page