Show HN: MCP Python Hooks – sys.addaudithook and import hooks for MCP

Category: security

Tags: mcp, security-auditing, runtime-monitoring, python-hooks, supply-chain-security

Score: 6.5/10 (Innovation: 6, Technical: 7, Documentation: 7, Utility: 6)

BlueRock is a runtime security sensor for Python MCP servers that uses sys.addaudithook and import hooks to monitor MCP tool calls, resource access, and module imports with zero code changes. Its innovative combination of Python auditing hooks with MCP protocol instrumentation and SHA256 import verification fills a specific security observability niche. The project is well-architected with a Rust backend for efficient event writing and NDJSON output.

Target audience: security engineers, AppSec engineers, AI developers, MCP developers

Repository: https://github.com/bluerock-io/bluerock · Python · Apache-2.0 · 2 stars

View on Hacker News