Sentinelgate
@Sentinel-Gate
About Sentinelgate
Open-source MCP proxy for AI agent access control. Intercepts every tool call with CEL policies, RBAC, full audit trail, content scanning, and Admin UI. Single binary, zero dependencies.
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"sentinelgate": {
"type": "http",
"url": "http://localhost:8080/mcp",
"headers": {
"Authorization": "Bearer <your-api-key>"
}
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is SentinelGate?
SentinelGate is an MCP (Model Context Protocol) proxy that intercepts every tool call, shell command, and file read before it executes. It enforces deterministic rules and provides a full audit trail. Designed for developers and security teams running AI agents with MCP.
How to use SentinelGate?
Install with one command (macOS/Linux: curl ... | sh; Windows: irm ... | iex) or download a release binary. Start with sentinel-gate start, then point any MCP-compatible client to http://localhost:8080/mcp with an API key. Policies are managed via the Admin UI at http://localhost:8080/admin.
Key features of SentinelGate
- Single binary, zero dependencies, sub‑millisecond overhead
- Deterministic enforcement with CEL‑powered rules
- MCP‑native proxy that aggregates multiple upstream servers
- Full audit trail with identity, decision, and timestamps
- Admin UI for policy editing, testing, and monitoring
- Identity and access control with API keys and roles
- Content scanning for PII, secrets, and IPI
- Session‑aware policies and behavioral drift detection
- Built‑in red team testing with 30 attack patterns
Use cases of SentinelGate
- Block prompt injection and hallucination‑driven attacks
- Enforce least‑privilege access per agent and per tool
- Audit every AI agent action for compliance
- Run red team simulations to test security posture
- Isolate agent workloads without modifying agent code
FAQ from SentinelGate
How does SentinelGate differ from AI‑based security solutions?
SentinelGate uses deterministic rules (CEL), not AI judgment. deny delete_* always means denied.
What are the runtime dependencies?
None. SentinelGate is a single binary with zero dependencies and sub‑millisecond overhead.
What data does SentinelGate store?
It stores audit logs, policies, session recordings, and configuration. All persisted automatically via the Admin UI. Optionally exportable.
Is SentinelGate a full OS sandbox?
No. It is an MCP proxy that controls tool access through the MCP protocol. For full OS‑level isolation, combine with containers or VMs.
How do agents authenticate?
Agents authenticate with an API key passed via the Authorization: Bearer <key> header. API keys are managed in the Admin UI with per‑identity roles.
More Other MCP servers
Inbox Zero AI MCP
elie222The world's best AI personal assistant for email. Open source app to help you reach inbox zero fast.
🪟 Windows-MCP
CursorTouchMCP Server for Computer Use in Windows
Mcp
browsermcpBrowser MCP is a Model Context Provider (MCP) server that allows AI applications to control your browser
FastMCP v2 🚀
jlowin🚀 The fast, Pythonic way to build MCP servers and clients.

Sequential Thinking
modelcontextprotocolModel Context Protocol Servers
Comments