SentinelGate

Name: SentinelGate
Author: Sentinel-Gate

Sentinel-Gate/Sentinelgate

Put an MCP proxy in front of agent tool access so CEL policies, RBAC, and audit logs gate what Claude or Cursor can call in production-adjacent workflows.

Overview

SentinelGate is an MCP server for the Ship phase that proxies agent MCP requests with CEL policies, RBAC, and auditing.

What is this MCP server?

Open-source MCP proxy for AI agent access control
CEL policies plus RBAC for fine-grained tool and resource rules
Audit trail oriented design for agent MCP traffic
Shipped as mcpb binaries for darwin arm64/amd64 and linux amd64 at v2.0.0
stdio transport compatible with standard MCP clients behind the proxy
Server version 2.0.0
3 published mcpb platform packages (darwin arm64, darwin amd64, linux amd64)

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 25 GitHub stars.

What problem does it solve?

Connecting agents directly to powerful MCP tools creates blind spots—no consistent policy, roles, or audit trail when tools run.

Who is it for?

Indie builders and small teams exposing multiple MCP tools to agents in staging or production who need centralized deny/allow rules and audit.

Skip if: Hobby projects with a single benign local MCP tool and no compliance or shared-environment risk.

What do I get? / Deliverables

After deployment, MCP traffic flows through SentinelGate so only policy-allowed tools run under assigned roles with auditable records.

Policy-gated MCP proxy layer for agent sessions
RBAC-scoped tool access across chained MCP servers
Audit-oriented handling of agent MCP invocations

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Ship is canonical because access control and audit for agent MCP traffic matter most when you are hardening before and during release. Security subphase matches CEL policy enforcement, role-based restrictions, and tamper-evident auditing of MCP calls.

How it compares

MCP access-control proxy, not an MCP server that fetches data or compiles documents.

Common Questions / FAQ

Who is SentinelGate for?

Builders shipping agent-assisted workflows who must limit which MCP tools run, for which roles, with an audit trail.

When should I use SentinelGate?

Use it before agents touch sensitive integrations—payments, deploy hooks, internal APIs—especially during security review and production operation.

How do I add SentinelGate to my agent?

Download the matching v2.0.0 mcpb release for your OS/architecture, configure CEL policies and RBAC, point your MCP client at the SentinelGate stdio proxy, and chain downstream servers behind it.

SentinelGate

Sentinel-Gate/Sentinelgate

Put an MCP proxy in front of agent tool access so CEL policies, RBAC, and audit logs gate what Claude or Cursor can call in production-adjacent workflows.

Overview

SentinelGate is an MCP server for the Ship phase that proxies agent MCP requests with CEL policies, RBAC, and auditing.

What is this MCP server?

Open-source MCP proxy for AI agent access control
CEL policies plus RBAC for fine-grained tool and resource rules
Audit trail oriented design for agent MCP traffic
Shipped as mcpb binaries for darwin arm64/amd64 and linux amd64 at v2.0.0
stdio transport compatible with standard MCP clients behind the proxy
Server version 2.0.0
3 published mcpb platform packages (darwin arm64, darwin amd64, linux amd64)

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 25 GitHub stars.

What problem does it solve?

Connecting agents directly to powerful MCP tools creates blind spots—no consistent policy, roles, or audit trail when tools run.

Who is it for?

Indie builders and small teams exposing multiple MCP tools to agents in staging or production who need centralized deny/allow rules and audit.

Skip if: Hobby projects with a single benign local MCP tool and no compliance or shared-environment risk.

What do I get? / Deliverables

After deployment, MCP traffic flows through SentinelGate so only policy-allowed tools run under assigned roles with auditable records.

Policy-gated MCP proxy layer for agent sessions
RBAC-scoped tool access across chained MCP servers
Audit-oriented handling of agent MCP invocations

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

MCP access-control proxy, not an MCP server that fetches data or compiles documents.

Common Questions / FAQ

Who is SentinelGate for?

Builders shipping agent-assisted workflows who must limit which MCP tools run, for which roles, with an audit trail.

When should I use SentinelGate?

Use it before agents touch sensitive integrations—payments, deploy hooks, internal APIs—especially during security review and production operation.

How do I add SentinelGate to my agent?

Download the matching v2.0.0 mcpb release for your OS/architecture, configure CEL policies and RBAC, point your MCP client at the SentinelGate stdio proxy, and chain downstream servers behind it.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is SentinelGate for?

When should I use SentinelGate?

How do I add SentinelGate to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is SentinelGate for?

When should I use SentinelGate?

How do I add SentinelGate to my agent?