SentinelGate
Access control for AI agents. MCP proxy + Policy Decision Point. CEL policies, RBAC, full audit trail. Any container, any sandbox.
What is SentinelGate?
SentinelGate is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to access control for ai agents. mcp proxy + policy decision point. cel policies, rbac, full audit trail. any container, any sandbox.
Access control for AI agents. MCP proxy + Policy Decision Point. CEL policies, RBAC, full audit trail. Any container, any sandbox.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Access control for AI agents. MCP proxy + Policy Decision Po
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx sentinelgateConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use SentinelGate
SentinelGate is an MCP proxy and Policy Decision Point that enforces access control for AI agents before they can call tools on downstream MCP servers. It intercepts every tool invocation, evaluates configurable CEL (Common Expression Language) policies and RBAC rules, scans for PII/secrets in arguments and responses, and logs a complete audit trail of every decision. Security teams and platform engineers use SentinelGate to deploy AI agents safely in production by ensuring no tool call can bypass defined policies, with zero changes required to existing MCP servers.
Prerequisites
- An MCP-compatible AI client (Claude Desktop, Claude Code, or similar)
- One or more downstream MCP servers you want to proxy and protect
- curl or PowerShell to run the one-line installer, or ability to download binary from GitHub Releases
- Port 8080 available on localhost for the proxy and Admin UI
Install SentinelGate
Run the one-line installer for macOS/Linux, or the PowerShell command on Windows. Alternatively, download the appropriate binary for your platform from the GitHub Releases page.
# macOS / Linux
curl -sSfL https://raw.githubusercontent.com/Sentinel-Gate/Sentinelgate/main/install.sh | sh
# Windows PowerShell
irm https://raw.githubusercontent.com/Sentinel-Gate/Sentinelgate/main/install.ps1 | iexStart the SentinelGate service
Launch the proxy. It will start the Admin UI on port 8080 and begin listening for MCP client connections at the proxy endpoint. No initial configuration file is required.
sentinel-gate startOpen the Admin UI and configure policies
Navigate to the Admin UI to connect upstream MCP servers, define RBAC roles, and write CEL policies. For example, add a policy `deny delete_*` to block all destructive delete operations across any connected tool.
# Open in browser
open http://localhost:8080/adminPoint your MCP client to SentinelGate
Update your AI client configuration to connect to SentinelGate's proxy endpoint instead of directly to your MCP servers. Use the API key shown in the Admin UI for Bearer token authentication.
Verify the audit trail
After making a few tool calls through your AI client, check the Admin UI audit log to confirm SentinelGate is intercepting calls, evaluating policies, and recording decisions with full context.
SentinelGate Examples
Client configuration
Configure your MCP client to route through SentinelGate's proxy endpoint. SentinelGate then forwards permitted calls to the upstream servers you configured in its Admin UI.
{
"mcpServers": {
"sentinelgate": {
"command": "sentinel-gate",
"args": ["start"],
"env": {}
}
}
}Prompts to try
Once SentinelGate is running and an upstream MCP server is connected, test policy enforcement and audit logging through your AI client.
- "List all tools available through SentinelGate"
- "Try to call a delete tool and show me whether it was blocked by policy"
- "What actions have been taken in this session according to the audit log?"
- "Show the active RBAC policies currently enforced by SentinelGate"Troubleshooting SentinelGate
Port 8080 is already in use and the service fails to start
Check which process is using port 8080 with `lsof -i :8080` (macOS/Linux) or `netstat -ano | findstr 8080` (Windows). Stop the conflicting process or configure SentinelGate to use a different port via its optional YAML configuration.
AI client cannot connect to the proxy endpoint
Ensure sentinel-gate is running and the proxy endpoint is accessible at http://localhost:8080/mcp. Check that you are passing the correct API key as a Bearer token in the Authorization header as shown in the Admin UI.
All tool calls are being denied even when no deny policies are configured
Verify that the upstream MCP server is correctly registered in the Admin UI and that SentinelGate successfully discovered its tools. Check the Admin UI logs for connection errors to the upstream server.
Frequently Asked Questions about SentinelGate
What is SentinelGate?
SentinelGate is a Model Context Protocol (MCP) server that access control for ai agents. mcp proxy + policy decision point. cel policies, rbac, full audit trail. any container, any sandbox. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install SentinelGate?
Follow the installation instructions on the SentinelGate GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with SentinelGate?
SentinelGate works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is SentinelGate free to use?
Yes, SentinelGate is open source and available under the AGPL 3.0 license. You can use it freely in both personal and commercial projects.
SentinelGate Alternatives — Similar Security Servers
Looking for alternatives to SentinelGate? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up SentinelGate in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use SentinelGate?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.