@uc4w6c (Contributor) commented Nov 22, 2025

Title

mcp tool param regex guardrail

Relevant issues

#N/A

Pre-Submission checklist

Please complete all items before asking a LiteLLM maintainer to review your PR

  • I have added testing in the tests/litellm/ directory. Adding at least 1 test is a hard requirement - see details
  • I have added a screenshot of my new test passing locally
  • My PR passes all unit tests on make test-unit
  • My PR's scope is as isolated as possible, it only solves 1 specific problem

Type

🆕 New Feature
📖 Documentation
✅ Test

Changes

This PR adds support for allowed_param_patterns on MCP servers.
When allowed_param_patterns is configured, LiteLLM validates MCP tool arguments against the configured regular expressions before forwarding the request to the MCP server.

If any argument does not match the allowed pattern, LiteLLM returns an error and does not call the MCP server.

Example configuration:

mcp_servers:
  deepwiki3:
    url: "https://mcp.deepwiki.com/mcp"
    allowed_tools: ["read_wiki_structure"]
  structured_echo:
    url: "http://localhost:3001/mcp"
    allowed_param_patterns:
      structured_echo:
        payload.user.tags[]: "^.+@berri\\.ai$"
        payload.context.extra.score: "^([1-9]|10)$"
[Screenshot 2025-11-22 14 07 07]
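
An added sketch of this kind of argument check, not LiteLLM's implementation from this PR. The path semantics (`.` descends into objects, `[]` fans out over list elements), the fail-closed handling of missing paths and non-scalar leaves, and the names `resolve` and `validate_tool_args` are assumptions.

```python
import re

# Constructed policy mirroring the PR's example config (patterns after YAML unescaping).
ALLOWED_PARAM_PATTERNS = {
    "structured_echo": {
        "payload.user.tags[]": r"^.+@berri\.ai$",
        "payload.context.extra.score": r"^([1-9]|10)$",
    }
}

def resolve(value, path):
    """Return every leaf selected by a dotted path; 'key[]' fans out over a list."""
    nodes = [value]
    for seg in path.split("."):
        fan_out = seg.endswith("[]")
        key = seg[:-2] if fan_out else seg
        next_nodes = []
        for node in nodes:
            if not isinstance(node, dict) or key not in node:
                continue  # path absent in this branch
            child = node[key]
            if fan_out:
                if not isinstance(child, list):
                    raise ValueError(f"{path}: {key!r} is not a list")
                next_nodes.extend(child)
            else:
                next_nodes.append(child)
        nodes = next_nodes
    return nodes

def validate_tool_args(tool, args, policy=ALLOWED_PARAM_PATTERNS):
    """Return a list of violations; an empty list means the call may be forwarded."""
    violations = []
    for path, pattern in policy.get(tool, {}).items():
        try:
            leaves = resolve(args, path)
        except ValueError as exc:
            violations.append(str(exc))
            continue
        if not leaves:
            violations.append(f"{path}: missing (assumed fail-closed)")
        for leaf in leaves:
            # Only str/int leaves are compared; bool is an int subclass, so exclude it.
            ok = isinstance(leaf, (str, int)) and not isinstance(leaf, bool)
            # fullmatch: with re.match/search, '$' also matches before a trailing '\n'.
            if not ok or re.fullmatch(pattern, str(leaf)) is None:
                violations.append(f"{path}: {leaf!r} rejected by {pattern}")
    return violations
```

A gateway using a check like this would forward the tool call only when the returned list is empty and otherwise return the violations as the error.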

vercel bot commented Nov 22, 2025

@uc4w6c is attempting to deploy a commit to the CLERKIEAI Team on Vercel.

A member of the Team first needs to authorize it.
