Skip to main content
Version: Next

MCP Evaluation Sandbox

Before you deploy new or third-party MCP servers into production, you can use the Sandbox Environment in Lunar MCPX Enterprise to test, validate, and inspect server behavior in isolation.
The sandbox gives you a safe space to verify that new MCP servers are secure, stable, and properly configured before making them available to your teams.

Overview​

The Sandbox Environment lets you run and evaluate MCP servers without exposing any production systems or sensitive data.
You can connect, observe, and test how a server behaves under controlled conditions, then decide whether to approve it for production use.

Once a server passes your review, you can promote it directly into your organization’s Custom MCP Server Registry so that approved teams can start using it safely.

Key Capabilities​

  • Isolated Testing – Test MCP servers in a secure environment that’s fully separated from your production systems.
  • Safe Evaluation – Validate server responses, schemas, and data handling before deployment.
  • Promotion Workflow – Approve validated servers and add them directly to your Custom MCP Server Registry.
  • Secure Key Testing – Use your existing Secret Management setup to safely test credentials and integrations.

Observability and Policy Testing with the Lunar AI Gateway​

All sandbox traffic can be routed through the Lunar AI Gateway, giving you deep visibility into each server and endpoint before it reaches production.

In the Gateway, you can:

  • View all sandboxed servers and exposed endpoints
  • Inspect request behavior, performance, and potential data leaks
  • Apply and test access or rate-limit policies before enforcing them in production
  • Track metrics like latency, error rates, and usage volume

Once a server is validated, you can promote it to production with the same policies and Gateway visibility.

🧩 The Lunar AI Gateway bridges your sandbox and production environments β€” ensuring consistency, security, and clear observability across all MCP traffic.

Best Practices​

  • Always test external or community-hosted MCP servers in the sandbox before production.
  • Use mock or anonymized data during validation.
  • Apply short-lived credentials via Secret Management for testing.
  • Clean up expired sandbox instances regularly.
  • Use audit logs to document your validation process for compliance.