bc174c1302
All checks were successful
Deploy to Production / deploy (push) Successful in 53s
The free tier was hemorrhaging Anthropic cost with no abuse cap (no rate limit on /preview, Opus default in the build worker, 5-min cache TTL that made cache-miss the common case). This switches free users to GLM, paid users to Claude tiers, and tightens every leak found in the audit. Backend: - @bmm/llm: GLM provider via Zhipu's OpenAI-compatible endpoint, pickPreviewModel + pickBuildModel helpers, plan-aware ModelChoice - preview-cache TTL 5min -> 24h (kills the cache-miss path) - /v1/servers/preview: picks model from caller's plan, returns model name to UI - /v1/servers POST: enforces SERVER_LIMITS per plan (402), rate-limits builds - daily rate-limit on preview (5/40/150/1000) and build (3/20/100/500) - /v1/auth/me returns plan so the wizard can show the right model name - generator worker: GLM default, Anthropic Sonnet fallback if GLM errors Frontend: - Wizard fetches plan, shows "<model> is drafting the tool spec" pre-emptively, upgrade hint for hobby users, friendly errors for 402 / 429 - Pricing page: AI-model line per tier (Open-tier / Haiku / Sonnet / Opus), Team €149 -> €199, Enterprise €499 -> €999, daily-preview limit per tier - Privacy + Security: explicit subprocessor disclosure for Anthropic (US) / Zhipu (CN) and which tier uses which Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
111 lines
5.2 KiB
TypeScript
111 lines
5.2 KiB
TypeScript
import { CodeBlock } from '@/components/code-block';
|
|
import { pageMetadata } from '@/lib/seo';
|
|
import Link from 'next/link';
|
|
|
|
export const metadata = pageMetadata({
|
|
title: 'Security',
|
|
description:
|
|
'How BuildMyMCPServer secures your MCP servers — per-server Docker isolation, AES-256-GCM encrypted secrets, OAuth 2.1 and a hardened control plane.',
|
|
path: '/security',
|
|
});
|
|
|
|
const PILLARS = [
|
|
{
|
|
title: 'Per-server isolation',
|
|
body: 'Every customer MCP server runs in its own Docker container. No shared process, no shared filesystem, no shared memory. One server compromised does not affect any other.',
|
|
},
|
|
{
|
|
title: 'Encrypted secrets',
|
|
body: 'API keys and credentials are AES-256-GCM encrypted at rest in Postgres with a 32-byte key sourced from env. Decryption happens only at the moment of container ENV injection. Plaintext is never logged.',
|
|
},
|
|
{
|
|
title: 'OAuth 2.1, no API keys for end users',
|
|
body: 'Every generated server is an OAuth 2.1 Resource Server. PKCE, Dynamic Client Registration (RFC 7591), Resource Indicators (RFC 8707), RS256-signed JWTs. Short-lived, audience-bound, replay-resistant.',
|
|
},
|
|
{
|
|
title: 'No token passthrough',
|
|
body: "When a tool calls a downstream API, it uses its own server-side credentials — not the user's OAuth token. Tokens never leak across trust boundaries. This is mandated by the MCP authorization spec.",
|
|
},
|
|
{
|
|
title: 'Static security checks',
|
|
body: 'Every LLM-generated tool body is scanned for banned patterns (eval, new Function, child_process) before Docker build. Prompt-injection markers like "ignore previous instructions" also trip the check. Build fails fast, no risky code ships.',
|
|
},
|
|
{
|
|
title: 'Container hardening',
|
|
body: 'Production containers run with --read-only, --cap-drop=ALL, --security-opt=no-new-privileges, CPU and memory limits. Network egress can be restricted to whitelisted domains per server.',
|
|
},
|
|
{
|
|
title: 'Audit log',
|
|
body: 'Every privileged action — login, logout, server create/iterate/delete — is recorded with IP, timestamp, user, and metadata. Available via /audit for Team-and-above orgs.',
|
|
},
|
|
{
|
|
title: 'Rate limiting',
|
|
body: 'Default 100 requests/min/IP per tool, enforced at the Traefik layer before traffic ever reaches your container. Daily preview + build caps per tier protect against runaway LLM spend.',
|
|
},
|
|
{
|
|
title: 'AI provider by tier — transparent',
|
|
body: "Hobby (free) tier uses Zhipu's GLM model (servers in China) for prompt analysis — chosen for cost so we can offer a real free tier. Pro, Team and Enterprise use Anthropic Claude (US). Enterprise can request EU-only data residency. The provider is shown live in the wizard so you always know where your prompt is going.",
|
|
},
|
|
];
|
|
|
|
export default function Security() {
|
|
return (
|
|
<div className="mx-auto max-w-3xl px-6 py-16">
|
|
<header className="mb-12">
|
|
<div className="text-[11px] uppercase tracking-[0.16em] text-[--color-fg-subtle]">
|
|
Security posture
|
|
</div>
|
|
<h1 className="mt-2 text-[32px] font-semibold tracking-tight">
|
|
Built like infrastructure.
|
|
</h1>
|
|
<p className="mt-3 text-[14px] leading-relaxed text-[--color-fg-muted]">
|
|
We host code generated by an LLM, on behalf of customers, that exposes their internal APIs
|
|
to AI clients. The threat model is real. Here is what we do about it.
|
|
</p>
|
|
</header>
|
|
|
|
<div className="space-y-6">
|
|
{PILLARS.map((p) => (
|
|
<section key={p.title} className="panel p-5">
|
|
<h2 className="text-[14px] font-semibold tracking-tight">{p.title}</h2>
|
|
<p className="mt-2 text-[13px] leading-relaxed text-[--color-fg-muted]">{p.body}</p>
|
|
</section>
|
|
))}
|
|
</div>
|
|
|
|
<section className="mt-12">
|
|
<h2 className="text-[18px] font-semibold tracking-tight">Disclosure</h2>
|
|
<p className="mt-2 text-[13.5px] leading-relaxed text-[--color-fg-muted]">
|
|
Found a vulnerability? Email{' '}
|
|
<a
|
|
className="text-[--color-accent] underline"
|
|
href="mailto:security@buildmymcpserver.com"
|
|
>
|
|
security@buildmymcpserver.com
|
|
</a>{' '}
|
|
with a clear reproduction. We respond within 48h. We do not run a paid bounty yet, but we
|
|
will credit you publicly in the changelog (or anonymously if you prefer).
|
|
</p>
|
|
<div className="mt-4">
|
|
<CodeBlock
|
|
label="pgp"
|
|
code={`Key fingerprint published at buildmymcpserver.com/.well-known/security.txt`}
|
|
/>
|
|
</div>
|
|
</section>
|
|
|
|
<section className="mt-12">
|
|
<h2 className="text-[18px] font-semibold tracking-tight">Compliance roadmap</h2>
|
|
<p className="mt-2 text-[13.5px] leading-relaxed text-[--color-fg-muted]">
|
|
SOC 2 Type I is targeted for Q4 2026. The GDPR posture is described in our{' '}
|
|
<Link href="/privacy" className="text-[--color-accent] underline">
|
|
privacy policy
|
|
</Link>
|
|
. If you need a DPA or other contracts ahead of SOC 2, reach out — Team and Enterprise
|
|
customers get one on request.
|
|
</p>
|
|
</section>
|
|
</div>
|
|
);
|
|
}
|