No perimeter
AI agents read files, push code, and query databases autonomously — with no enforcement layer between the agent and your infrastructure.
MCP security platform · Open source
Runtime enforcement, policy control, and trust scores for every MCP tool call. mastyf.ai intercepts agent actions, blocks violations before they execute, and scores npm packages so teams ship without guessing.
Path traversal · /etc/passwd
Try it now — no account required
Runtime enforcement, policy control, ops visibility, and public trust scores — built from the open-source mastyf.ai repo.
mastyf.ai sits between your AI client and MCP servers. BlockGuard enforces policy synchronously on every call — prompt injection, path traversal, secret exfiltration, and shell commands are stopped before they reach your infrastructure.
/etc/passwd · BlockGuard enforced · blocked on filesystem/read
Why mastyf
Generic AI firewalls describe risk. mastyf enforces on every MCP tool call with repo-backed policy, corpus gates, and a Security Swarm that compounds with every attack.
When something goes wrong, teams cannot answer what action the agent took, on behalf of which user, in which system.
Teams have no simple way to verify which MCP packages are safe before agents connect to production data.
BlockGuard sits in the MCP path and stops violations before execution. Pattern detection runs in microseconds; a semantic LLM audit catches borderline cases asynchronously.
Run mastyf.ai between your AI client and MCP servers — Docker, source build, or connect to the cloud console. Every tool call flows through BlockGuard.
Start in audit mode to see what your agents do. Tune rules in YAML, then switch to block mode for production enforcement.
Look up npm MCP packages for trust scores, embed badges in READMEs, and let the Security Swarm keep learning from every block.
Holistic MCP protection across ingress, economics, policy, intelligence, upstream, and egress. Every tools/call on all transports flows through the defense orchestrator.

Real capabilities from the open-source repo — fleet management, evidence packs, economics controls, and human-reviewed threat discovery.
Auto-discover MCP servers across your org, patch IDE configs, and enforce policy fleet-wide from the cloud console. One control plane for every agent endpoint.
Sign in with Google or GitHub to edit policy YAML, copy tenant env snippets, rotate API keys, and manage your fleet. Free — no credit card.
Runtime enforcement, trust scores, Security Swarm, and deployment.
mastyf.ai is perimeter security for AI agents using MCP. It intercepts every tool call, enforces your security policy, blocks violations before execution, and provides trust scores for npm MCP packages — all from one open-source platform.
Questions about scores, badges, the cloud console, or privacy requests?
Email mastyf.support@gmail.com
Look up any npm package free, no account required.