@aiagentkarl/agent-policy-gateway-mcp
v0.1.0
MCP Server for AI agent policy enforcement - PII detection, guardrails, GDPR/EU AI Act compliance, audit logging, and emergency kill switch
Agent Policy Gateway MCP Server
MCP server for AI agent policy enforcement. Provides PII detection, guardrails, GDPR/EU AI Act compliance checking, audit logging, and an emergency kill switch.
Features
- PII Detection — Scan text for emails, phone numbers, SSNs, credit cards, IBANs with automatic redaction
- Guardrails — Check agent actions against configurable policies (spend limits, domain whitelists, blocked actions)
- Audit Logging — Append-only JSONL audit trail per agent in ~/.agent-audit-log/
- GDPR Compliance — Check data processing actions against DSGVO requirements
- EU AI Act Compliance — Verify AI operations against EU AI Act risk categories
- Emergency Kill Switch — Instantly block an agent with critical-level audit entry
Installation
npx @aiagentkarl/agent-policy-gateway-mcp
Claude Desktop
Add to your claude_desktop_config.json:
{
  "mcpServers": {
    "policy-gateway": {
      "command": "npx",
      "args": ["-y", "@aiagentkarl/agent-policy-gateway-mcp"]
    }
  }
}
Tools
check_pii
Scan text for personally identifiable information using regex patterns.
Parameters:
- text (string) — Text to scan
Returns: Found PII types, count, masked examples, redacted text, risk level.
apply_guardrails
Check an agent action against security policies.
Parameters:
- action (string) — Action to check (e.g. "browse_url", "make_purchase")
- context (object) — Action context with optional agent_id, target_url, amount_usd, details
Returns: allow/deny/warn decision with violations and recommendations.
log_action
Write an entry to the append-only audit log.
Parameters:
- agent_id (string) — Unique agent identifier
- action (string) — Action performed
- details (string, optional) — Additional details
get_audit_log
Retrieve audit log entries for an agent.
Parameters:
- agent_id (string) — Agent identifier
- limit (number, optional) — Max entries to return (default: 50)
check_compliance
Check GDPR and EU AI Act compliance requirements.
Parameters:
- action_type (string) — Type of action (e.g. "data_collection", "profiling", "high_risk_ai", "agent_operations")
- jurisdiction (string, optional) — "gdpr", "eu_ai_act", or "both" (default)
Returns: Applicable requirements, risk level, and recommendations per framework.
emergency_stop
Kill switch — immediately block an agent from all further actions.
Parameters:
- agent_id (string) — Agent to block
- reason (string) — Reason for emergency stop
Returns: Confirmation with timestamp. Agent remains blocked until server restart.
Compliance Coverage
GDPR / DSGVO
- Data collection (Art. 6 legal basis, consent)
- Data processing (Art. 30 records, Art. 32 security)
- Data sharing (Art. 28 processor agreements)
- Data deletion (Art. 17 right to erasure)
- Profiling (Art. 22 automated decision-making)
EU AI Act
- High-risk AI systems (Art. 9-15)
- Limited-risk AI (transparency obligations)
- General-purpose AI models
- Prohibited AI practices
- Agent-specific operations
Default Guardrail Policies
| Policy | Default Value |
|--------|---------------|
| Max spend per action | $100 USD |
| Allowed domains | github.com, stackoverflow.com, npmjs.com, pypi.org, wikipedia.org, docs.python.org, developer.mozilla.org |
| Blocked actions | delete_production_data, send_mass_email, modify_permissions, access_admin_panel, execute_raw_sql, disable_security |
| Require human approval | financial_transaction, data_export, user_deletion, contract_signing |
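The allow/deny/warn decision that apply_guardrails returns, worked through against the default policies above. This is an added illustration, not the package's own implementation; the policy object, the applyGuardrails and domainAllowed names, the subdomain-matching rule and the fail-closed handling of unparseable URLs are assumptions.

```javascript
// Constructed policy mirroring the "Default Guardrail Policies" table (illustration, not the package's code).
const DEFAULT_POLICY = {
  maxSpendUsd: 100,
  allowedDomains: ["github.com", "stackoverflow.com", "npmjs.com", "pypi.org",
    "wikipedia.org", "docs.python.org", "developer.mozilla.org"],
  blockedActions: ["delete_production_data", "send_mass_email", "modify_permissions",
    "access_admin_panel", "execute_raw_sql", "disable_security"],
  requireHumanApproval: ["financial_transaction", "data_export", "user_deletion",
    "contract_signing"],
};

// Assumption: a host is allowed if it equals an allowed domain or is a subdomain of one.
// An unparseable URL is treated as not allowed (fail closed).
function domainAllowed(url, allowed) {
  let host;
  try { host = new URL(url).hostname.toLowerCase(); } catch { return false; }
  return allowed.some((d) => host === d || host.endsWith("." + d));
}

// Returns { decision: "allow" | "deny" | "warn", violations: [...], recommendations: [...] }.
// Any violation yields "deny"; an approval-gated action with no violation yields "warn".
function applyGuardrails(action, context = {}, policy = DEFAULT_POLICY) {
  const violations = [];
  const recommendations = [];
  let decision = "allow";
  if (policy.blockedActions.includes(action)) {
    violations.push(`action '${action}' is on the blocked list`);
    decision = "deny";
  }
  if (context.target_url !== undefined && !domainAllowed(context.target_url, policy.allowedDomains)) {
    violations.push(`target_url '${context.target_url}' is not in the allowed domains`);
    decision = "deny";
  }
  if (typeof context.amount_usd === "number" && context.amount_usd > policy.maxSpendUsd) {
    violations.push(`amount_usd ${context.amount_usd} exceeds max spend of ${policy.maxSpendUsd}`);
    decision = "deny";
  }
  if (policy.requireHumanApproval.includes(action)) {
    recommendations.push("obtain human approval before executing this action");
    if (decision === "allow") decision = "warn";
  }
  return { decision, violations, recommendations };
}
```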
Audit Log Format
Logs are stored as JSONL files in ~/.agent-audit-log/{agent_id}.jsonl:
{"timestamp":"2026-03-20T10:30:00.000Z","agent_id":"agent-1","type":"action","action":"browse_url","details":"...","status":"logged"}
License
MIT
