Skip to main content
MCP Proxy · governed tool calls

Governance for every MCP tool call.

For everyone else, governance stops at the LLM boundary. DVARA governs the other half of agentic AI — the tool calls your agents make to MCP servers — with policy, PII scanning, human approval gates, and an immutable signed audit trail.

Start Free TrialBook a demo
The gap

Agents don't just call models. They call tools.

Every MCP tool call can read a database, send an email, or move money. Gateways that govern only model calls leave that half of agentic AI ungoverned. DVARA's MCP Proxy puts the same policy, audit, and PII controls on tool calls that it puts on model calls.

Capabilities

Full governance on the tool-call path

Server registry & per-tenant rules

Register every MCP server once, then scope which tools and servers each tenant can reach.

Policy on every tool call

Allow or deny by tool, server, tenant, or argument — the same Policy-as-Code engine that governs model calls.

PII scanning on args and responses

Scan tool-call arguments and responses for PII, then block, redact, or log before data crosses the boundary.

Human approval gates

Require human sign-off on sensitive tools, enforced at execution. Approve or deny from the console or a signed webhook link.

Agent loop detection

Detect repetition and cycle patterns in agent tool calls and auto-kill runaway sessions.

Credential centralization

Hold MCP server credentials centrally and rotate them with grace-period overlap — agents never see raw secrets.

Multi-agent session tracking

Follow every agent session across LLM turns and MCP calls with a full, replayable timeline.

Immutable signed audit

Every tool call is HMAC-signed and hash-chained into a tamper-evident trail — the same evidence your auditor gets for model calls.

MCP injection detection

Catch tool-poisoning and prompt-injection attempts in MCP tool definitions and responses.

End-to-end tracing

One OpenTelemetry trace spans the model turn and every downstream tool call.

How it works

Every tool call passes through the proxy

  1. 1

    Agent issues a tool call

    Your agent calls an MCP tool through the DVARA MCP Proxy on :8070 instead of hitting the server directly.

  2. 2

    Registry & policy

    The proxy resolves the server from the registry and evaluates the tool call against tenant and platform policy.

  3. 3

    PII scan & approval

    Arguments are scanned for PII; sensitive tools pause for human approval before anything executes.

  4. 4

    Execute & audit

    The call reaches the upstream MCP server, the response is scanned, and every step is signed into the audit trail.

In the product

Every MCP tool call, recorded in DVARA Flightdeck

The MCP Tool Calls view in DVARA Flightdeck — real-time tool-call records with server, tool, tenant, session, status, and latencyThe MCP Tool Calls view in DVARA Flightdeck — real-time tool-call records with server, tool, tenant, session, status, and latency
Real-time visibility into MCP tool-call activity across every server and agent — each call recorded with server, tool, tenant, session, status, and latency.

Govern your agents' tool calls today.

The MCP Proxy ships on every tier. Start a free 30-day trial, or read how it works.

Start Free Trial
Agentic governanceAgents & MCP in FlightdeckMCP servers, activity & approvals