Skip to content
MCP Protocol Layer

RBAC for
MCP Servers

Give your co-founders a terminal into your shared venture. Not a dashboard.

Drop-in role-based access control for any MCP server. Agents only see the tools their role permits. Restricted tools don't return "access denied" — they don't exist.

Get Started GitHub
npm i @llvs/mcpack
mcpack.config 
const handle = await mcpack(server, {
  roles: {
    cofounder: ['get_deals', 'update_deal_status',
               'list_payments'],
    advisor:  ['get_deals'],
    admin:    ['*']
  },
  defaultRole: 'advisor'
});

// advisor calls update_deal_status:
→ "Unknown tool: update_deal_status"
// Not "access denied". It doesn't exist.
2 layers Discovery + Execution
80.7% Token Reduction
0 Runtime Deps
18.8kb Package Size

Home

Two-Layer RBAC

Discovery layer: agents only see tools their role permits. Execution layer: tools/call blocked for out-of-role tools. The error says "Unknown tool" — invisible, not just blocked.

Lazy Discovery

Agents search for tools by keyword instead of receiving every schema upfront. 5-tier scoring surfaces the most relevant results. Role-scoped by default.

Session Memory

Schemas loaded once per session are returned as references on subsequent calls. Zero duplicate payloads across the session lifetime.

Wrap or Build

Wrap any existing MCP server in one line and add RBAC on top, or build a new server from scratch with roles baked in from the start.

How It Works

Define Roles

Map role names to allowed tool lists. '*' for admin access. Each agent session is assigned a role — defaults apply when none is specified.

Agents Search

tools/list returns one tool: search_tools. Agents query with natural language. Results are filtered by role and ranked by relevance.

Enforce on Execute

Even if an agent guesses a tool name, tools/call returns "Unknown tool" for anything outside their role. No leaking tool names. No "access denied" hints.

Token Reduction: A Side Effect Worth Measuring

RBAC scopes what agents see — which also dramatically cuts token usage. Measured on Stripe MCP (28 tools). Not simulated.

Query Without MCPack With MCPack Saved
create a payment 8,315 tokens 1,040 tokens 87.5%
manage customers 8,315 tokens 1,984 tokens 76.1%
subscription billing 8,315 tokens 3,279 tokens 60.6%
issue refund 8,315 tokens 799 tokens 90.4%
list invoices 8,315 tokens 913 tokens 89.0%
Aggregate (5 queries) 41,575 8,015 80.7%

Results vary by server size and query breadth. Larger tool surfaces see greater reduction.

Read the Docs View on GitHub