Arbiter Toolchain

Governs what AI agents are allowed to do.

Deny-by-default access control between your AI agents and the tools they reach for. Every call authorized, budgeted, and logged.

Get Started View Source
firewall

Deny by default

Every tool call hits the policy engine before it reaches the MCP server. No implicit allows. No fallback to open.

Session governance

Budgets, behavioral bounds, drift detection. Agents stay within the scope they were given.

Audit trail

Every authorization decision logged with PII automatically redacted. Full forensic replay of any session.

Install

curl -sSf https://raw.githubusercontent.com/cyrenei/arbiter-mcp-firewall/main/install.sh | sh

Linux and macOS. SHA-256 verified. No sudo required.