GuardrlyGuardrly
mcpsecuritytutorialstep-by-step

You've installed an MCP server. Your AI Agent can now make API calls to Shopify, Meta, or whatever service you've connected. Everything works.

Now what?

This guide walks you through securing that setup, step by step, from "it works on my machine" to "I'm confident this won't get my accounts banned."

No theory. No architecture diagrams. Just the things you need to do, in order.

Step 1: Audit What You've Already Installed

Before adding security, understand what you're working with.

Check your MCP configuration:

On Mac (Claude Desktop):

cat ~/Library/Application\ Support/Claude/claude_desktop_config.json

On Mac (Cursor):

cat ~/Library/Application\ Support/Cursor/User/settings.json | grep -A 20 mcpServers

What to look for:

{
  "mcpServers": {
    "your-server": {
      "command": "python3",        // What binary runs?
      "args": ["-m", "some_pkg"],  // What package?
      "env": {
        "API_KEY": "sk-xxxxx"      // ← Are real keys here?
      }
    }
  }
}

Checklist:

If you have MCP servers you don't recognize or no longer use, remove them. Every installed server is an active attack surface.

Step 2: Secure Your API Keys

Your MCP config file contains the API keys that your server uses to authenticate with external platforms. If someone gets access to this file, they have your Shopify/Meta/Stripe credentials.

Check file permissions:

# Mac/Linux — Claude Desktop config
ls -la ~/Library/Application\ Support/Claude/claude_desktop_config.json

# Should show: -rw------- (readable only by you)
# If it shows -rw-r--r-- (world-readable), fix it:
chmod 600 ~/Library/Application\ Support/Claude/claude_desktop_config.json

Better approach — use a separate env file:

Instead of putting keys directly in the MCP config, reference an env file:

{
  "mcpServers": {
    "guardrly": {
      "command": "guardrly",
      "env": {
        "GUARDRLY_API_KEY": "gly_xxxxx",
        "HMAC_SECRET": "your_secret_here"
      }
    }
  }
}

Store the actual keys in ~/.guardrly/.env with restricted permissions:

chmod 600 ~/.guardrly/.env

Key rotation schedule:

Key TypeRotation FrequencyHow
Shopify API keyEvery 90 daysShopify Admin → API credentials → Rotate
Meta access tokenEvery 60 daysMeta Business Suite → System Users → Generate new
MCP server API keyAfter any incidentDashboard → Settings → Revoke + Create new

Step 3: Enable Request Monitoring

This is where most people stop at Step 2 and assume they're secure. They're not.

Securing credentials prevents unauthorized access. But it doesn't prevent your authorized Agent from doing something destructive. You need to see what it's doing.

Install Guardrly (one command):

curl -fsSL https://guardrly.com/install.sh | bash

The installer will:

  1. Install the Guardrly MCP server via pipx
  2. Prompt for your email and password (creates an account if needed)
  3. Auto-configure your Claude Desktop or Cursor
  4. Save credentials locally

Verify it's working:

After restarting your AI tool, ask your Agent:

Use make_http_request to GET https://httpbin.org/get

Then check app.guardrly.com/logs. You should see the request appear within 60 seconds.

What you'll see in the dashboard:

TIME              PLATFORM    METHOD    STATUS    RISK    LATENCY
2026-04-15 08:34  generic     GET       200       None    340ms

Every API call your Agent makes will appear here, with platform detection, risk scoring, and response timing.

Step 4: Configure Alert Rules

Default alert rules catch the most dangerous patterns. But you should review them and adjust thresholds for your workload.

Go to app.guardrly.com/settings → Alert Rules

Default rules (all enabled):

RuleThresholdLevelWhat It Catches
Rate limit50 req / 5 minWarningAgent making too many calls
High-frequency writes10 consecutiveWarningAgent not reading before writing
Consecutive DELETEs3 consecutiveCriticalRunaway deletion
Platform 403s3 consecutiveCriticalAPI key issues or account flags
Platform 429s2 consecutiveCriticalAbout to get rate-limited/banned
Server 5xx errors3 consecutiveWarningExternal API having problems

Adjustments for common workflows:

If your Agent does bulk price updates (lots of PUTs):
  → Increase "high-frequency writes" threshold to 50

If your Agent reads lots of data before writing:
  → Keep defaults, this pattern is healthy

If your Agent runs on a schedule (cron):
  → Consider disabling "off-hours operation" rule
  → Or adjust the hours to match your schedule

Critical rules (cannot be disabled):

Consecutive DELETEs, platform 403s, and platform 429s are always active. These catch scenarios where immediate intervention is needed.

Step 5: Set Up Email Notifications

Alert rules detect problems. Email notifications make sure you actually know about them.

Requirements:

What triggers an email:

Level 3 (Critical) events:
  ✓ 3 consecutive DELETE operations
  ✓ 3 consecutive 403 Forbidden responses
  ✓ 2 consecutive 429 Rate Limited responses
  
  Email sent to your registered email address
  within 5 seconds of detection

What does NOT trigger an email:

Level 1 (Info):
  - Large payload warnings
  - Off-hours operation flags
  → Dashboard only

Level 2 (Warning):
  - Rate limit approaching
  - High-frequency writes
  → Dashboard only

Step 6: Harden for Production

If you're running agents against production Shopify stores or live Meta Ads campaigns, these additional steps reduce your risk surface.

6a. Restrict Agent permissions

Don't give your Agent full admin API access if it only needs to read products and update prices.

Shopify: Create a Custom App with only the scopes you need:

Needed for price updates:
  ✓ read_products
  ✓ write_products

NOT needed (remove these):
  ✗ write_orders
  ✗ write_customers  
  ✗ write_shipping
  ✗ write_themes

Meta Ads: Create a System User with limited permissions:

Needed for campaign management:
  ✓ ads_read
  ✓ ads_management

NOT needed (remove these):
  ✗ pages_manage_posts
  ✗ business_management
  ✗ leads_retrieval

6b. Create a separate API key for AI Agent access

Don't use the same API key for your Agent and your manual admin access. If the Agent's key gets compromised or needs to be revoked, you don't lose your own access.

Key 1: "manual-admin"    → Your personal use
Key 2: "claude-agent"    → AI Agent access (can be revoked independently)
Key 3: "cursor-agent"    → Different tool, different key

6c. Set a daily operation budget

Decide in advance: how many API calls should your Agent make per day? Set this as your daily quota in Guardrly.

Conservative (for testing):
  Daily limit: 100 requests
  
Normal production:
  Daily limit: 1,000 requests
  
High-volume automation:
  Daily limit: 10,000 requests

If the Agent exceeds this limit, additional requests are rejected with a 429 error. Better to stop the Agent than let it run unchecked.

Step 7: Create an Incident Response Plan

When something goes wrong — and it will, eventually — having a plan saves you time and money.

Your incident response checklist:

WHEN: You receive a Critical alert email

1. STOP the Agent immediately
   → Close Claude Desktop / Cursor
   → Or revoke the Agent's API key in Guardrly settings

2. ASSESS the damage
   → Go to app.guardrly.com/logs
   → Filter by last 30 minutes
   → Count how many destructive operations were executed
   → Note the affected resources (product IDs, campaign IDs)

3. CONTAIN the impact
   → If Shopify: check affected products, restore from backup
   → If Meta: check campaign status, pause affected campaigns

4. PRESERVE evidence
   → Screenshot the log entries
   → Note the timestamps and operation details
   → Export the log data if possible

5. FIX the root cause
   → Was it a bad prompt? Rewrite it.
   → Was it a model hallucination? Add more specific instructions.
   → Was it a bug in the MCP server? Update or switch servers.

6. RESUME with safeguards
   → Lower the daily quota temporarily
   → Watch the dashboard closely for the first few runs
   → Consider adding more specific alert rules

If your platform account gets suspended:

For Shopify:
  1. Go to app.guardrly.com/logs
  2. Filter by platform=shopify, last 7 days
  3. Export or screenshot the full operation timeline
  4. Submit to Shopify with explanation:
     "This activity was from authorized AI automation.
      Attached is the complete audit trail showing every
      API call with timestamps and operation details.
      We have since implemented additional safeguards."

For Meta Ads:
  1. Same process — full audit trail from Guardrly
  2. Submit through Meta Business Help Center
  3. Emphasize that activity was legitimate automation
  4. Show that you now have monitoring and rate limiting

Ongoing Maintenance

Security isn't a one-time setup. Here's what to do regularly:

TaskFrequencyTime
Review Guardrly dashboard for unusual activityDaily (quick scan)2 min
Check alert rules are still appropriateMonthly10 min
Rotate API keysQuarterly15 min
Review installed MCP serversQuarterly10 min
Update MCP server packagesMonthly5 min
Test incident response planQuarterly30 min

Total ongoing time: ~15 minutes per week for daily scans and monthly checks. A small investment compared to the cost of a security incident.

Quick Reference Card

┌─────────────────────────────────────────────────┐
│         MCP Server Security Quick Reference     │
├─────────────────────────────────────────────────┤
│                                                 │
│  INSTALL MONITORING                             │
│  curl -fsSL https://guardrly.com/install.sh     │
│    | bash                                       │
│                                                 │
│  CHECK YOUR CONFIG                              │
│  cat ~/Library/Application\ Support/Claude/     │
│    claude_desktop_config.json                   │
│                                                 │
│  SECURE PERMISSIONS                             │
│  chmod 600 ~/.guardrly/.env                     │
│                                                 │
│  VIEW LOGS                                      │
│  https://app.guardrly.com/logs                  │
│                                                 │
│  CONFIGURE ALERTS                               │
│  https://app.guardrly.com/settings              │
│                                                 │
│  EMERGENCY: STOP AGENT                          │
│  Close Claude Desktop / Cursor immediately      │
│  Or: Settings → API Keys → Revoke agent key     │
│                                                 │
└─────────────────────────────────────────────────┘

Start Now

Don't wait for a security incident to take action. The setup described in this guide takes about 30 minutes, and most of it is automated.

curl -fsSL https://guardrly.com/install.sh | bash

Free plan available. No credit card required.

Monitor your AI Agent with Guardrly

Real-time alerts and complete audit logs for your AI Agent. Free plan available.

Start Free

Related articles

MCP Security Risks You Need to Know Before Deploying AI Agents

From prompt injection to token theft, here are the real security risks of running MCP servers in production — and what you can do about each one.

MCP Injection Attacks: What They Are and How to Defend Against Them

MCP injection is the new prompt injection — but it targets your Agent's API calls instead of its text output. Here's how the attack works and what you can do about it.

MCP Server Security Best Practices: The Complete Guide for 2026

Your MCP server has access to production API keys, customer data, and business-critical operations. Here are 8 practices that will keep you out of trouble.