AgentFence Feature

A Firewall for Every MCP Tool-Call

The Model Context Protocol lets agents call tools and reach data - powerful, and unbounded by default. AgentFence’s MCP gateway evaluates each call, scores its risk, enforces data boundaries, and routes approvals.

Talk to usFree to start - no card required.
AgentFence · MCP Gateway
CALLS EVALUATED
9,120
last 24h
HIGH-RISK TOOLS
14
scored + flagged
APPROVALS
23
pending
read_ticket - low riskallow
export_customers - data boundarystep-up
unregistered MCP serverdeny
delete_records - high risk toolescalate
POST /api/mcp-gateway/evaluateper-call

Illustrative product view

Why MCP needs a security layer

MCP is the connective tissue between agents and the tools and data they act on. By default it trusts whatever server and tool the agent reaches for, with no evaluation of whether that specific call is safe. AgentFence puts a gateway in front: POST /api/mcp-gateway/evaluate scores and decides each invocation, /policies defines the rules, /servers registers what is allowed, /logs records what happened, and /approvals routes approve, deny, or escalate.

What the gateway does per call

EndpointWhat it does
POST /api/mcp-gateway/evaluateEvaluate a single tool-call and return a verdict
GET|PUT /api/mcp-gateway/policiesDefine the rules that govern calls
/api/mcp-gateway/serversRegister and authorize MCP servers
/api/mcp-gateway/logsRecord every evaluated call
/api/mcp-gateway/approvalsApprove, deny, or escalate held calls
MCP gateway surface

Tool risk scoring

  • Each tool is scored by what it can do - read, write, delete, export
  • Unregistered servers and tools are denied until authorized
  • Data-boundary rules gate calls that would move sensitive data
  • High-risk calls escalate to an approval instead of running

How it fits the platform

The MCP gateway is the enforcement point for agent tool-calls, and it consults the same decision vocabulary as the rest of the platform. Verdicts are recorded to the tamper-evident ledger, and MCP governance handles the longer-lived questions of which servers and tools are authorized in the first place.

Frequently asked questions

What is MCP security?

MCP security is controlling the tool-calls agents make over the Model Context Protocol. AgentFence provides a gateway that evaluates each call, scores the risk of the tool, enforces data boundaries, and routes approvals - so an agent cannot silently reach an unregistered server or move sensitive data through a tool-call.

What is an MCP firewall or gateway?

It is a control point that sits in front of MCP tool invocations. Every call goes through POST /api/mcp-gateway/evaluate, which returns a verdict based on the policy, the registered servers, and the tool’s risk. Held calls go to an approvals queue to approve, deny, or escalate.

Can it block calls to unauthorized MCP servers?

Yes. Servers are registered and authorized through the gateway; calls to unregistered servers or tools are denied until they are explicitly allowed. That prevents an agent from reaching a rogue or unvetted MCP server.

How does it handle sensitive data in tool-calls?

The gateway applies data-boundary controls: a tool-call that would move sensitive data across a boundary is stepped up or held for approval rather than executed automatically. It treats MCP calls the way a DLP treats data flows.

Stay in the loop

One practical finance briefing a week - new guides, checklists, and benchmarks.

 

Put a gateway in front of MCP

Evaluate, score, and gate every Model Context Protocol tool-call.

Talk to us