A policy checker for URLs that agents want to fetch, surfaced as three MCP tools: check_url for single decisions, check_urls_batch for bulk analysis, and validate_policy to catch common mistakes like overly broad wildcards or malformed host patterns. The server wraps the @mukundakatta/agentguard library so Claude Desktop, Cursor, or any MCP client can ask "would my firewall allow this?" before letting a tool make a real request. Note that this only returns allow/deny verdicts; it doesn't intercept or block actual network calls. Useful when you're writing egress policies and want the LLM to help audit which URLs would pass, or when prototyping multi-tool workflows where network boundaries matter.
MCP server for @mukundakatta/agentguard. Lets Claude Desktop, Cursor, Cline, Windsurf, Zed, or any other MCP client check whether a URL is allowed under a network-egress policy before any fetch.
npx -y @mukundakatta/agentguard-mcp
Three tools:
check_url — single URL check: returns { allowed, reason } without making any actual request.
check_urls_batch — batch check with per-URL decisions plus a summary.
validate_policy — sanity-check a policy spec for empty allowlists, overly broad * wildcards, and malformed host patterns.

Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):
{
  "mcpServers": {
    "agentguard": {
      "command": "npx",
      "args": ["-y", "@mukundakatta/agentguard-mcp"]
    }
  }
}
Same shape for Cursor (~/.cursor/mcp.json), Cline, Windsurf, Zed.
check_url:
{
  "url": "https://api.openai.com/v1/chat",
  "policy": { "allow": ["api.openai.com", "*.anthropic.com"] }
}
Returns:
{ "allowed": true, "reason": "matched_allowlist", "detail": null }
check_urls_batch:
{
  "urls": [
    "https://api.openai.com/v1/chat",
    "https://evil.example.com/leak"
  ],
  "policy": { "allow": ["api.openai.com"] }
}
Returns:
{
  "results": [
    { "url": "https://api.openai.com/v1/chat", "allowed": true, ... },
    { "url": "https://evil.example.com/leak", "allowed": false, "reason": "not_in_allowlist", ... }
  ],
  "summary": { "total": 2, "allowed_count": 1, "denied_count": 1 }
}
validate_policy:
{ "policy": { "allow": ["*", "https://api.example.com", "api.example.com/v1"] } }
Returns issues for the * wildcard, the scheme prefix, and the path suffix — common mistakes when first writing a policy.
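The kind of host-pattern matching and policy linting the three tools expose, as an added JavaScript sketch that is not code from @mukundakatta/agentguard or this server. The wildcard semantics, the issue codes and the `invalid_url` reason are assumptions made for the illustration; only `matched_allowlist` and `not_in_allowlist` come from the outputs shown above.

```javascript
// Added illustration; NOT the @mukundakatta/agentguard implementation.
// Assumptions: "*.example.com" matches subdomains only (never the apex),
// and a bare "*" matches every host, which is why the lint flags it.

// Lint a policy for the mistakes validate_policy is described as catching.
// The issue codes are hypothetical names chosen for this sketch.
function lintPolicy(policy) {
  const allow = (policy && policy.allow) || [];
  const issues = [];
  if (allow.length === 0) issues.push({ pattern: null, issue: "empty_allowlist" });
  for (const p of allow) {
    if (p === "*") issues.push({ pattern: p, issue: "wildcard_all" });
    else if (/^[a-z][a-z0-9+.-]*:\/\//i.test(p)) issues.push({ pattern: p, issue: "scheme_prefix" });
    else if (p.includes("/")) issues.push({ pattern: p, issue: "path_suffix" });
    else if (!/^(\*\.)?([a-z0-9-]+\.)*[a-z0-9-]+$/i.test(p)) issues.push({ pattern: p, issue: "malformed_host" });
  }
  return issues;
}

// Compare the parsed hostname against one pattern; no substring matching.
function hostMatches(host, pattern) {
  const p = pattern.toLowerCase();
  if (p === "*") return true;
  if (p.startsWith("*.")) return host.endsWith(p.slice(1));
  return host === p;
}

// Decide on a URL without fetching it. Unparseable input is denied.
function checkUrl(url, policy) {
  let host;
  try {
    host = new URL(url).hostname.toLowerCase();
  } catch (err) {
    return { allowed: false, reason: "invalid_url" }; // hypothetical reason code
  }
  const allowed = policy.allow.some((p) => hostMatches(host, p));
  return { allowed, reason: allowed ? "matched_allowlist" : "not_in_allowlist" };
}

// Constructed sample input: the policy from the check_url example plus
// a host that merely starts with an allowed name.
const samplePolicy = { allow: ["api.openai.com", "*.anthropic.com"] };
for (const u of ["https://api.openai.com/v1/chat",
                 "https://api.openai.com.evil.example.com/leak",
                 "https://anthropic.com/"]) {
  console.log(u, checkUrl(u, samplePolicy));
}
console.log(lintPolicy({ allow: ["*", "https://api.example.com", "api.example.com/v1"] }));
```

Entries that carry a scheme or a path never equal a parsed hostname, so in this sketch such patterns fail closed instead of silently widening the policy.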
@mukundakatta/agentguard is a zero-dependency JavaScript library. This MCP server makes its decision engine accessible from any MCP-aware AI assistant: ask Claude "does my agent's tool list pass this firewall?" or "which of these 50 URLs would my policy block?" and the assistant calls these tools directly.
Note: this MCP server only checks URLs — it does not actually wrap fetch or block real requests. For runtime enforcement, use @mukundakatta/agentguard directly inside your Node process.
Part of the agent-stack series:
@mukundakatta/agentfit-mcp — Fit it.
@mukundakatta/agentguard-mcp — Sandbox it. (this)
@mukundakatta/agentsnap-mcp — Test it.
@mukundakatta/agentvet-mcp — Vet it.
@mukundakatta/agentcast-mcp — Validate it.

License: MIT