Agent Governance
MCP Policy Gateway guard (tool governance)
Minimal MCP governance guard for tool allowlists, audit trails, and policy tagging with policy_user and policy_project_id.
Updated 2026-01-16
MCP is an open standard for connecting assistants to external tools. The Policy Gateway guard adds tool governance on top.
This minimal guard enforces tool allowlists, logs every invocation with reason codes, and reuses policy_user and policy_project_id tags.

// Policy definition: the allowlist is matched by exact tool name.
const toolPolicy = {
  policy_id: "mcp-guard-v1",
  policy_version: "2026-01-16",
  allowlist: ["crm.read", "tickets.update", "billing.lookup"],
  reason_codes: { allow: "ALLOW", block: "TOOL_NOT_ALLOWED" },
};

// logToolAudit is not defined on this page; it is assumed to be the
// application's audit sink, which also adds event_type and created_at.
export function guardToolCall({ toolName, policyUser, policyProjectId }) {
  const allowed = toolPolicy.allowlist.includes(toolName);
  const decision = allowed ? "allow" : "block";
  const reasonCode = allowed ? toolPolicy.reason_codes.allow : toolPolicy.reason_codes.block;

  // Every decision is logged, allowed or blocked, before the call proceeds.
  logToolAudit({
    tool_name: toolName,
    decision,
    reason_code: reasonCode,
    policy_id: toolPolicy.policy_id,
    policy_version: toolPolicy.policy_version,
    policy_user: policyUser,
    policy_project_id: policyProjectId,
  });

  // Blocked calls throw so the tool handler is never reached.
  if (!allowed) throw new Error("Tool call blocked by policy.");
}

Enforce tool-call allowlists
Apply a guard at the MCP server boundary before tool calls are executed.
Log every tool invocation
Emit a structured audit event for each tool call with decision metadata.

{
  "event_type": "tool_invocation",
  "tool_name": "crm.read",
  "decision": "allow",
  "reason_code": "ALLOW",
  "policy_id": "mcp-guard-v1",
  "policy_version": "2026-01-16",
  "policy_user": "user-12345",
  "policy_project_id": "support-bot",
  "created_at": "2026-01-16T19:11:22Z"
}

Route tool audits to export destinations
Land MCP tool logs in the same SIEM or log platform as LLM audit logs.
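
The guard, the audit event shape and the boundary placement described above, combined in one dispatcher (an added example, not code from the original page or the Policy Gateway product). `guardedDispatcher`, `buildAuditEvent`, `auditSink`, `clock` and `runDemo` are hypothetical names, and the handler map and inputs are constructed.

```javascript
// Added example: function, sink and handler names are hypothetical, not a product API.
const toolPolicy = Object.freeze({
  policy_id: "mcp-guard-v1",
  policy_version: "2026-01-16",
  allowlist: new Set(["crm.read", "tickets.update", "billing.lookup"]),
  reason_codes: { allow: "ALLOW", block: "TOOL_NOT_ALLOWED" },
});

// Build the audit event in the shape shown on this page.
function buildAuditEvent(toolName, allowed, ctx, now) {
  return {
    event_type: "tool_invocation",
    tool_name: String(toolName),
    decision: allowed ? "allow" : "block",
    reason_code: toolPolicy.reason_codes[allowed ? "allow" : "block"],
    policy_id: toolPolicy.policy_id,
    policy_version: toolPolicy.policy_version,
    policy_user: ctx.policyUser,
    policy_project_id: ctx.policyProjectId,
    created_at: now.toISOString().replace(/\.\d{3}Z$/, "Z"),
  };
}

// Wrap a Map of tool handlers so every call passes the guard before it runs.
function guardedDispatcher(handlers, auditSink, clock = () => new Date()) {
  return function dispatch(toolName, args, ctx) {
    // Exact string match only: no case folding, prefixes or wildcards.
    const allowed = typeof toolName === "string" && toolPolicy.allowlist.has(toolName);
    // Audit first; if the sink throws, the handler below never runs (fail closed).
    auditSink(buildAuditEvent(toolName, allowed, ctx, clock()));
    if (!allowed) throw new Error("Tool call blocked by policy.");
    const handler = handlers.get(toolName);
    if (typeof handler !== "function") throw new Error("Allowed tool has no handler.");
    return handler(args);
  };
}

// Constructed demo: one allowed call, two blocked ones, and a failing audit sink.
function runDemo() {
  const events = [], executed = [];
  const handlers = new Map([["crm.read", (a) => { executed.push(a.id); return "ok"; }]]);
  const ctx = { policyUser: "user-12345", policyProjectId: "support-bot" };
  const clock = () => new Date("2026-01-16T19:11:22Z");
  const dispatch = guardedDispatcher(handlers, (e) => events.push(e), clock);
  const attempt = (fn) => { try { return fn(); } catch (err) { return err.message; } };
  const results = ["crm.read", "crm.delete", "CRM.READ"].map((t) => attempt(() => dispatch(t, { id: 7 }, ctx)));
  const broken = guardedDispatcher(handlers, () => { throw new Error("audit sink down"); }, clock);
  results.push(attempt(() => broken("crm.read", { id: 8 }, ctx)));
  return { events, executed, results };
}
```

Because the audit call precedes the handler, a tool call that cannot be logged is not executed, so the exported log has an entry for every tool call that ran.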