agent-policy-gateway-mcp

Compliance and guardrails server for AI agents. Gives companies the tools to run AI agents safely and within regulatory boundaries.

As AI agents gain autonomy — making purchases, accessing data, sending emails — companies face real compliance risks:

• GDPR (EU): Agents processing personal data must follow strict rules. Violations cost up to 4% of global revenue.
• EU AI Act (2024): High-risk AI systems need human oversight, transparency, and documentation. Non-compliance means fines up to 35M EUR.
• Internal Policies: Companies need spend limits, allowed actions, domain restrictions, and audit trails.

This server provides the "boring infrastructure" that makes autonomous agents enterprise-ready.

| Tool | Description | |------|-------------| | check_pii(text) | Scan text for PII (emails, phones, SSNs, credit cards, IBANs). Returns found types and redacted version. | | apply_guardrails(action, context) | Check if an action is allowed by configurable policies (spend limits, domain allowlists, blocked actions). | | log_action(agent_id, action, details) | Append-only audit log entry with timestamp. Stored in ~/.agent-audit-log/. | | get_audit_log(agent_id, limit) | Retrieve audit log entries for compliance review. | | check_compliance(action_type, jurisdiction) | Check EU AI Act risk level and GDPR requirements for an action type. | | emergency_stop(agent_id, reason) | Kill switch — logs critical event and returns immediate stop signal. |

# Via pip
pip install agent-policy-gateway-mcp

# Via uvx (no install needed)
uvx agent-policy-gateway-mcp

Add to your MCP client config:

{
  "mcpServers": {
    "policy-gateway": {
      "command": "uvx",
      "args": ["agent-policy-gateway-mcp"]
    }
  }
}

Or with pip install:

{
  "mcpServers": {
    "policy-gateway": {
      "command": "policy-gateway-server"
    }