The governance layer for AI agent actions.
AI agents can reason and plan, but the moment they act on external systems, there is no governance. MCP and similar protocols define how agents connect to tools — but not what happens between intent and execution. AgentReserve fills that gap: policy enforcement, idempotency, audit trails, and approval workflows on every action.
This repository is the open-source governance protocol. The hosted control plane (dashboard, credential storage, org management) lives separately.
| Package | Description |
|---|---|
@agentreserve/core |
Governance SDK — policy engine, audit trail, idempotency, action state machine. Zero runtime dependencies. |
@agentreserve/proxy |
Standalone egress proxy for CLI agents. Intercepts outbound HTTP, enforces rules, writes an audit log to SQLite. |
@agentreserve/mcp-tools |
MCP server that exposes AgentReserve actions to any MCP-compatible client (Claude Desktop, Cursor, Windsurf). |
@agentreserve/atp-client |
TypeScript client SDK for the AgentReserve REST API. |
MCP defines how agents connect to tools. AgentReserve defines what happens between the agent calling a tool and the tool executing — governance. MCP has no policy enforcement, idempotency, durable action state, approval workflows, or structured audit trails. That's the gap this project fills.
npm install
npm run build
npm testEach package has its own README with usage and API details.
MIT