Overwatch secures your AI code agents and MCP (Model Context Protocol) servers. Install the extension, configure your Javelin API key, and all MCP requests will be validated through Javelin Guardrails.
Features
🛡️ Automatic Protection: Automatically intercepts and validates all MCP requests
🔧 Easy Setup: Simple configuration with your Javelin API key
👁️ Real-time Monitoring: Visual status indicators and detailed logging
⚡ Lightweight: Minimal performance impact with intelligent caching
🎛️ Granular Control: Custom policies
🔄 Hot Reload: Dynamic policy updates without restart
Quick Start
Install the Extension
Install from VS Code Marketplace or Cursor Extensions
The proxy fails closed on validation errors; requests are blocked when Guard validation is unavailable
Log Level: Control logging verbosity
Advanced Settings
Custom Policy: Path to custom YAML policy file for advanced rules
Note on HTTP/SSE servers
Wrapping HTTP/SSE servers no longer requires a setting. Use “Overwatch: Auto‑Proxy All Servers” to apply wrapping as needed. “Overwatch: Unwrap All Servers” disables protection and restores originals safely.
Status Indicators
🟢 Protected: Server is secured by Overwatch
🔴 Unprotected: Server not yet secured (extension disabled)
Troubleshooting
Extension Not Working?
Check that the extension is enabled in VS Code/Cursor
Verify your Javelin API key is set correctly
Check the Overwatch output channel for error messages
MCP Server Not Starting?
Ensure the original MCP server command is valid
Check if the server requires specific environment variables
