Allow
Read-only tools such as search_docs can proceed.
MCP Guard Pack
Govern MCP-style tool requests before execution
RuleOak Core v2.0.1 includes an MCP Guard Pack that normalizes local MCP-style tool manifests, evaluates tools/call requests, and records policy, evidence, approval, and audit outcomes.
npm run mcp:demo
npm run report:htmlApproval
External actions such as send_external_message pause for human review.
Block
Destructive actions such as delete_workspace_file are blocked by policy.