
Aegis — AI Agent Governance
Govern which tools your AI agent may call using YAML policies, human approval gates, and audit logs before risky actions hit production.
Overview
io.github.Acacian/aegis is an MCP server for the Ship phase that enforces YAML policy, approvals, and audit logging on AI agent tool calls.
What is this MCP server?
- YAML-defined policies for AI agent tool invocations
- Approval gates before sensitive or disallowed tool calls proceed
- Audit logging for accountability across agent sessions
- PyPI package agent-aegis with optional AEGIS_POLICY_PATH env
- stdio MCP transport for local agent hosts
- Registry version 0.1.7 (PyPI package 0.1.6 in metadata)
- Policy configuration via AEGIS_POLICY_PATH environment variable
- stdio MCP transport via PyPI identifier agent-aegis
Community signal: 9 GitHub stars.
What problem does it solve?
Powerful coding agents can execute destructive or costly tools faster than you can notice, with no single place defining what is allowed.
Who is it for?
Indie builders running Claude Code or similar agents against real repos who want explicit tool governance before sharing workflows or shipping automation broadly.
Skip if: you need static application penetration testing, or your team has no agent tool access and only needs traditional SAST dashboards.
What do I get? / Deliverables
After registration, tool calls flow through Aegis so policy violations are blocked or held for approval, with an audit trail you can review.
- Enforced tool-call policy with optional human approval steps
- Persistent audit logging of agent tool attempts and decisions
- Central governance layer reusable across agent projects
Journey fit
Tool-call governance is a Ship concern when agents can touch files, networks, or payments and you need guardrails before wide release. Security is the canonical shelf because Aegis enforces policy, approvals, and auditing on agent actions rather than building product features.
How it compares
Policy and approval MCP for agent tools, not a network pentest suite or a secrets scanner alone.
Common Questions / FAQ
Who is io.github.Acacian/aegis for?
Solo builders and small teams operating AI coding agents who need YAML policies, approval gates, and audit logs on tool usage.
When should I use io.github.Acacian/aegis?
Use it during Ship security hardening and ongoing agent operation whenever tools can modify infrastructure, data, or external services.
How do I add io.github.Acacian/aegis to my agent?
Install agent-aegis from PyPI, set AEGIS_POLICY_PATH to your YAML policy file, add the stdio MCP server in your agent config, and route tool calls through Aegis per the project docs.