Reins

v1.0.0Securitystable

Stop AI agents from doing things you didn't ask for.

agent-observabilityagent-securityai-monitoringai-safetyaudit-trail
Share:
415
Stars
0
Downloads
0
Weekly
0/5

What is Reins?

Reins is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to stop ai agents from doing things you didn't ask for.

Stop AI agents from doing things you didn't ask for.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Stop AI agents from doing things you didn't ask for.

Use Cases

Monitor and control AI agent actions with audit trails.
Prevent unintended AI agent behavior before it occurs.
pegasi-ai

Maintainer

LicenseApache-2.0
Languagepython
Versionv1.0.0
UpdatedMay 20, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx reins

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Reins

Reins is a security and observability layer for AI agents that intercepts, scores, and optionally blocks high-impact tool calls before they execute. It evaluates every agent action synchronously with sub-50ms latency, maintains an immutable append-only audit log at `~/.openclaw/reins/decisions.jsonl`, and routes destructive or irreversible operations through explicit human approval flows. Security teams and developers use Reins to enforce least-privilege policies on Claude Code, OpenClaw, and MCP-compatible agents — preventing accidental bulk deletions, unauthorized deployments, or out-of-scope file modifications.

Prerequisites

  • Node.js 18.0.0 or higher installed
  • npm available for global package installation
  • Claude Code CLI or another MCP-compatible agent client
  • An AI agent workflow that uses PreToolUse/PostToolUse hooks (e.g., Claude Code)
1

Install Reins globally via npm

Install the Reins package globally so the `reins` CLI is available system-wide. Then run the initialization command to set up configuration files and the audit log directory.

npm install -g @pegasi-ai/reins
reins init
2

Install the Claude Code skill (optional but recommended)

For Claude Code integration, install the Reins skill file into your Claude skills directory. This enables the /reins slash command and automatic hook integration within Claude Code sessions.

mkdir -p ~/.claude/skills/reins
curl -o ~/.claude/skills/reins/SKILL.md \
  https://raw.githubusercontent.com/pegasi-ai/reins/main/.claude/skills/reins/SKILL.md
3

Configure Reins as an MCP server

Add Reins to your MCP client configuration. Reins intercepts tool calls from your agent and evaluates them against its policy engine before allowing execution.

{
  "mcpServers": {
    "reins": {
      "command": "reins",
      "args": ["serve"],
      "env": {}
    }
  }
}
4

Review the audit log to understand agent behavior

Reins writes every tool call decision — allowed, blocked, or escalated — to an immutable JSONL file. Use this log to audit what your agents have done and tune policies accordingly.

cat ~/.openclaw/reins/decisions.jsonl | tail -20
5

Set up approval flows for high-impact actions

Reins routes high-irreversibility actions through an approval flow. When triggered, the agent pauses and requests an explicit confirmation token before proceeding. Review the Reins documentation at github.com/pegasi-ai/reins for policy configuration syntax.

Reins Examples

Client configuration

Configure Reins as an MCP server in Claude Desktop or Claude Code to enable agent action interception and audit logging.

{
  "mcpServers": {
    "reins": {
      "command": "reins",
      "args": ["serve"],
      "env": {}
    }
  }
}

Prompts to try

Reins works transparently in the background. These prompts test its blocking and audit capabilities when used with an agent that has filesystem or email access.

- "Delete all files in my Downloads folder that are older than 30 days" (Reins should intercept for approval)
- "Show me the last 10 decisions Reins made about my agent's actions"
- "What is the irreversibility score threshold before Reins blocks an action?"
- "Send a bulk email to all my contacts" (Reins should block or require confirmation token)

Troubleshooting Reins

reins command not found after npm install

Ensure npm's global bin directory is in your PATH. Run `npm config get prefix` to find the prefix, then add `<prefix>/bin` to your PATH. Alternatively use `npx @pegasi-ai/reins serve` in the MCP config args instead of the bare `reins` command.

Agent actions are not being intercepted by Reins

Reins must be configured as an MCP server in the same client your agent uses. Verify the MCP server config is correct and that Claude Code or your client has been restarted after adding Reins. Check that PreToolUse hooks are enabled in your client.

Approval flow is blocking every action, including harmless reads

Adjust the irreversibility scoring thresholds in the Reins configuration (created by `reins init` in `~/.openclaw/reins/`). Read-only operations should have low scores and bypass approval flows by default — check the config for any overly restrictive policy rules.

Frequently Asked Questions about Reins

What is Reins?

Reins is a Model Context Protocol (MCP) server that stop ai agents from doing things you didn't ask for. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Reins?

Follow the installation instructions on the Reins GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Reins?

Reins works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Reins free to use?

Yes, Reins is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Reins Alternatives — Similar Security Servers

Looking for alternatives to Reins? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "reins": { "command": "npx", "args": ["-y", "reins"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Reins?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides