Hejdar
@ARKALDA
关于 Hejdar
Hejdar MCP Server — runtime policy enforcement for AI agents
基本信息
配置
使用下面的配置,将此服务器添加到你的 MCP 客户端。
{
"mcpServers": {
"hejdar": {
"command": "uvx",
"args": [
"hejdar-mcp"
],
"env": {
"HEJDAR_API_KEY": "your-api-key",
"HEJDAR_API_URL": "https://api.hejdar.com"
}
}
}
}工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is Hejdar?
Hejdar is an MCP server that exposes the hejdar_evaluate tool to allow MCP-compatible AI agents (e.g., Claude, ChatGPT, Cursor) to check whether an intended action is permitted by organizational policy before executing it. It is a thin wrapper around the Hejdar API (POST /v1/evaluate) and contains no policy logic itself — all decisions come from the user's Hejdar organization's configured policies.
How to use Hejdar?
Install via pip install hejdar-mcp or run directly with uvx hejdar-mcp. Obtain an API key from app.hejdar.com (Settings → API Keys). Configure your MCP client (Claude Desktop, Claude Code, or direct stdio) by setting the HEJDAR_API_KEY environment variable and pointing to the hejdar-mcp command. Once configured, your agent can call hejdar_evaluate with parameters action_type, resource, and optional agent_name and context.
Key features of Hejdar
- Exposes
hejdar_evaluateas a single MCP tool. - Wraps the Hejdar API; no policy logic in the server.
- Supports five action types: READ, WRITE, DELETE, TRANSFER, EXECUTE.
- Returns decisions: ALLOW, DENY, or WOULD_DENY with reason and risk level.
- API key is read from environment variables only; never hardcoded.
- All API calls enforce TLS for secure communication.
Use cases of Hejdar
- Prevent an AI agent from deleting customer data without manager approval.
- Enforce that a code-generation agent can only read, not write, to production databases.
- Block a file-transfer agent from moving sensitive data to an unauthorized server.
- Alert on actions that would be denied (WOULD_DENY) for auditing purposes.
- Integrate runtime policy checks into any MCP-compatible client workflow.


评论