Skillget

sbproxy

mcp
Security Audit
Pass
Health Pass
  • License — License: NOASSERTION
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 37 GitHub stars
Code Pass
  • Code scan — Scanned 12 files during light audit, no dangerous patterns found
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This tool is a self-hostable AI gateway and governance engine that unifies HTTP traffic, LLM API routing, and MCP server management into a single proxy binary.

Security Assessment
The automated code scan inspected 12 files and found no dangerous patterns, hardcoded secrets, or requests for dangerous permissions. The tool's core function requires it to make external network requests and route traffic, which is expected behavior for a reverse proxy. It does not appear to arbitrarily execute shell commands. Because it handles API traffic and acts as a gateway, it inherently processes sensitive data (such as LLM payloads and API keys). Overall risk: Medium.

Quality Assessment
The project is written in Rust and is highly active, with its last push occurring today. It has garnered 37 GitHub stars, indicating a small but growing community trust. While the repository description is present, the license is marked as "NOASSERTION." The README references the Business Source License (BUSL 1.1), which typically restricts commercial production use, so developers must verify the exact licensing terms before adopting it in a corporate environment.

Verdict
Use with caution — the code appears safe, but be sure to review the non-standard license terms before relying on it for commercial projects.
SUMMARY

AI Governance Engine. One self-hostable gateway for AI traffic, APIs, MCP, and AI crawlers.

README.md

SBproxy

SBproxy

Last modified: 2026-04-28

The AI gateway built like a real proxy.

Release License CI Stars Rust 1.82+

Install · Quick start · Examples · Docs

Why SBproxy

Most teams run one tool for HTTP traffic and another for LLM traffic. That's two systems to configure, deploy, and monitor. SBproxy handles both in one binary.

  • One config file replaces your reverse proxy, AI gateway, and the middleware glue between them.
  • 200+ LLM models behind an OpenAI-compatible API, with fallback chains, guardrails, and budgets.
  • Secure by default. Auth, rate limiting, WAF, DDoS, and CSRF are built in.
  • Hot reload with no dropped connections.
  • Sub-millisecond p99 overhead. Idle RSS in single-digit megabytes.

Install

Homebrew (macOS / Linux):

brew tap soapbucket/sbproxy
brew install sbproxy

Docker:

docker pull ghcr.io/soapbucket/sbproxy:latest

From source (needs Rust 1.82+):

git clone https://github.com/soapbucket/sbproxy
cd sbproxy
make build-release

Quick start

We host a public HTTP echo service at test.sbproxy.dev (request inspection, like httpbin) so you can wire up a real upstream without leaving the SoapBucket ecosystem. Try it directly:

curl https://test.sbproxy.dev/get

Now run the gateway in front of it. Drop this into sb.yml:

proxy:
  http_bind_port: 8080

origins:
  "myapp.example.com":
    action:
      type: proxy
      url: https://test.sbproxy.dev

make run CONFIG=sb.yml
curl -H "Host: myapp.example.com" http://127.0.0.1:8080/get

myapp.example.com is the host your client sees; SoapBucket matches it against origins: and forwards to the upstream. Use any hostname you want here; example.com is reserved (RFC 2606), so it never collides with anything real.

That's a reverse proxy. Add AI routing, auth, and rate limiting in the same file. See examples/ for runnable end-to-end configurations covering each feature.

Documentation

The full documentation lives in docs/README.md: manual, configuration reference, AI gateway guide, scripting reference, performance, troubleshooting, architecture, and more.

For contributors: CONTRIBUTING.md.

Community

Upgrading from v0.1.x (Go)

SBproxy v1.0 is a Rust rewrite. The Go implementation that previously occupied this repository is archived at soapbucket/sbproxy-go and tagged v0.1.2-go-final. New work happens here. See MIGRATION.md for the upgrade path; existing sb.yml files should compile unchanged.

License

Licensed under BSL 1.1. Source available on GitHub. Production use is permitted for everything except offering SBproxy as a competing hosted or managed service.

For commercial licensing inquiries, contact [email protected]. See also NOTICE and TRADEMARKS. A Soap Bucket LLC project.

Reviews (0)

No results found