Goja JS Interceptors

Goja is a high-performance JavaScript engine written entirely in Go. HasMCP leverages Goja to provide a lightweight, embeddable scripting layer for Interceptors.

Purpose

While JMESPath is excellent for declarative pruning, some data transformations require procedural logic—such as conditional formatting, data sanitization, or complex array manipulation. Goja JS Interceptors allow you to write pure JavaScript that executes directly within the HasMCP proxy context.

Key Features in HasMCP

• No Cold Starts: Unlike Node.js or serverless functions, Goja is embedded in the HasMCP binary, ensuring sub-millisecond execution.
• Request/Response Access: Interceptors can modify both the input parameters sent to a tool and the output returned from the upstream API.
• Security: JS code runs in a sandboxed environment without access to the underlying OS or network, maintaining the security of the MCP server.

Advanced Interceptor Logic in HasMCP

When simple filtering isn't enough, Goja (JS) Interceptors in HasMCP provide the full power of JavaScript for data transformation. This is particularly useful for synthesizing multiple fields into a single, LLM-friendly summary, or for applying conditional logic that strips data based on the response status. Because these interceptors are embedded directly within the HasMCP Go binary, they offer the flexibility of a programming language without the latency overhead of external function calls.

Example Interceptor

// Transform raw pricing data into a human-readable summary
const input = context.response.body;

if (input.price > 1000) {
    return {
        summary: `Premium Item: ${input.name}`,
        cost: "High",
        is_restricted: true
    };
}

return {
    summary: `Standard Item: ${input.name}`,
    cost: "Normal"
};

Questions & Answers

What is Goja, and why is it used in HasMCP?

Goja is a high-performance JavaScript engine written in Go. It is used in HasMCP to provide a lightweight, sandboxed scripting layer for complex data transformations that require procedural logic.

How do Goja interceptors differ from standard JMESPath pruning?

While JMESPath is great for simple, declarative field removal, Goja interceptors allow for procedural logic, such as conditional formatting, sanitization, and synthesizing multiple fields into a single summary.

What are the performance and security advantages of embedded Goja interceptors?

Because Goja is embedded directly in the HasMCP binary, there are no "cold starts" or network latency associated with external functions. From a security standpoint, the JS code runs in a sandbox without access to the OS or network.