MCPG
One governed MCP URL for every backend — identity, policy, audit on every call.
- 96
- signed first-party plugins
- ~33
- backend connector kinds
- 100%
- MCP MUST coverage, CI-gated
- ~107k
- lines of Rust
MCPG sits between the agents that call tools and the systems those tools reach. Consumers connect to a single MCP endpoint; every call flows through the same pipeline — identity, policy, rate limits, redaction, dispatch, tamper-evident audit — before it ever touches an upstream.
Any backend becomes a governed, signed, observable MCP tool: HTTP, gRPC, GraphQL, SQL, Kafka and NATS, subprocesses, LLM providers, other MCP servers, OpenAPI specs. Identity is per-request (OIDC, mTLS, SPIFFE, API keys, LDAP, Kerberos, SAML), authorization is policy-as-code (OPA, Cedar, Casbin, deny-by-default), and secrets are resolved server-side — agents and models never hold credentials.
It deploys from a single static binary on a laptop to a multi-tenant Kubernetes fleet with an operator (8 CRDs), Helm charts, and a control plane with an Ed25519 hash-chained audit ledger that verifies offline.
Give every agent one URL. Keep every decision yours.