Agentguard
Check outbound URLs from agent tools against a declarative egress policy before requests leave your environment.
Overview
Agentguard is an MCP server for the Ship phase that checks agent tool URLs against a declarative egress policy.
What is this MCP server?
- Declarative policy checks for network egress from agent-triggered URL fetches
- stdio MCP server @mukundakatta/agentguard-mcp on npm
- Blocks or flags tool calls that violate your allowlist or deny rules
- Policy-as-data instead of hardcoding URL checks in every tool wrapper
- Package @mukundakatta/agentguard-mcp version 0.1.0
- Transport type stdio
- Repository github.com/MukundaKatta/agentguard-mcp
Community signal: 1 GitHub stars.
What problem does it solve?
Autonomous agents can fetch URLs you never intended, with no shared policy layer across tools.
Who is it for?
Solo builders shipping agents that use web fetch or HTTP tools and want a simple declarative firewall.
Skip if: Static apps with no agent egress, or teams that already enforce egress solely at the corporate VPN layer.
What do I get? / Deliverables
Outbound URLs get a consistent policy check with a clear allow or deny before the agent executes the fetch.
- Policy-backed URL verdicts for proposed agent egress
- Stdio MCP integration in agent config
Recommended MCP Servers
Journey fit
How it compares
MCP egress policy checker, not a full WAF or secrets vault.
Common Questions / FAQ
Who is agentguard for?
Developers shipping AI agents that call HTTP or browser tools and need URL allowlists or blocklists.
When should I use agentguard?
Use it before launch when agent tools can reach the public internet or internal networks from your machine or CI.
How do I add agentguard to my agent?
Install @mukundakatta/agentguard-mcp, register the stdio MCP server, define your declarative policy, and invoke the check before executing fetch-related tools.