MCP Guard
Evaluate tool requests
Use policy to allow safe MCP-style calls, require approval for risky actions, and block dangerous tools.
MCP
Govern MCP-style tool calls before execution
RuleOak separates MCP-related content into two focused paths: evaluate MCP-style calls with MCP Guard, or explore the local MCP Guard Proxy prototype.
MCP Proxy
Prototype a governance boundary
Route local MCP-style tool calls through a RuleOak proxy layer before they reach a tool handler.
Try it
Run the local proxy demo
The demo is local-only and does not start a network listener or connect to an external MCP server.
npm run mcp:proxy:demo
# search_docs: forwarded
# send_external_message: approval_required
# delete_workspace_file: blocked