MCP.so

Hejdar

Created By
ARKALDA2 months ago
Runtime policy enforcement for AI agents. Evaluate every agent action against your organization's policies before execution. Define policies once in the Hejdar dashboard, enforce everywhere via MCP. Supports observe mode (shadow/audit) and enforce mode (real-time blocking).
# AI
# cybersecurity
OverviewContentToolsComments
Overview

hejdar-mcp

MCP server for Hejdar — runtime policy enforcement for AI agents.

This server exposes hejdar_evaluate as an MCP tool. Any MCP-compatible agent (Claude, ChatGPT, Cursor, custom) can call it to check whether an action is permitted by organizational policy before executing it.

The MCP server is a thin wrapper around the Hejdar API (POST /v1/evaluate). It contains no policy logic — all decisions come from your Hejdar organization's configured policies.

Quick Start

1. Install

pip install hejdar-mcp

Or run directly with uvx:

uvx hejdar-mcp

2. Get your API key

Sign up at app.hejdar.com and create an API key in Settings → API Keys.

3. Configure your MCP client

Claude Desktop

Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS, %APPDATA%\Claude\claude_desktop_config.json on Windows):

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": ["hejdar-mcp"],
      "env": {
        "HEJDAR_API_KEY": "hejdar_sk_your_key_here"
      }
    }
  }
}

Claude Code

Add to your Claude Code MCP settings:

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": ["hejdar-mcp"],
      "env": {
        "HEJDAR_API_KEY": "hejdar_sk_your_key_here"
      }
    }
  }
}

Direct (stdio)

export HEJDAR_API_KEY=hejdar_sk_your_key_here
hejdar-mcp

Getting Started

  1. Install: pip install hejdar-mcp or uvx hejdar-mcp
  2. Get an API key — contact us at hello@hejdar.com or visit hejdar.com
  3. Configure your MCP client (see configuration example above)

Tool: hejdar_evaluate

Evaluate an agent action against your organization's security policies.

Input:

ParameterTypeRequiredDescription
action_typestringYesREAD, WRITE, DELETE, TRANSFER, or EXECUTE
resourcestringYesTarget resource, e.g. customer_database
agent_namestringNoName of the calling agent, e.g. hr-assistant
contextobjectNoFree-form metadata (department, user_id, reason, etc.)

Output:

{
  "decision": "DENY",
  "policy_id": "pol_abc123",
  "reason": "Deletion of customer data requires manager approval",
  "risk_level": "HIGH"
}

decision is one of: ALLOW, DENY, WOULD_DENY.

System Prompt Pattern

For best results, add this to your agent's system prompt:

You have access to the hejdar_evaluate tool. Before performing any action
that reads, writes, deletes, transfers data, or executes commands on
external systems, you MUST call hejdar_evaluate first.

If hejdar_evaluate returns DENY or WOULD_DENY, do NOT proceed with the
action. Instead, inform the user that the action was blocked by policy
and include the reason provided.

Environment Variables

VariableRequiredDefaultDescription
HEJDAR_API_KEYYesYour Hejdar API key
HEJDAR_API_URLNohttps://api.hejdar.comAPI base URL (for self-hosted)

Security

  • API key is read from environment variables only — never hardcoded or exposed in tool I/O
  • All inputs are validated and sanitized before forwarding to the API
  • Error responses never leak internal details, API keys, or stack traces
  • All API calls enforce TLS

Development

git clone https://github.com/ARKALDA/hejdar-mcp.git
cd hejdar-mcp
pip install -e ".[dev]"
pytest

License

MIT

Try in Playground

Server Config

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": [
        "hejdar-mcp"
      ],
      "env": {
        "HEJDAR_API_KEY": "your-api-key",
        "HEJDAR_API_URL": "https://api.hejdar.com"
      }
    }
  }
}
Project Info
Created At
2 months ago
Updated At
2 months ago
Author Name
ARKALDA
Star
-
Language
-
License
-
Category
Tags
AI
cybersecurity
Homepage
https://github.com/ARKALDA/hejdar-mcp

Recommend Servers

View All
Mcp Server Chatsum
@chatmcp

summarize chat message

typescript
a year ago
Doorprofit Crime & Neighborhood Data
@shawndoor

US crime safety scores, recent incidents, neighborhood demographics, rent data, and registered-offender search by address. Free tier available.

11 hours ago
Unclick
@malamutemayhem

UnClick is the universal remote for AI: one MCP install that gives any compatible agent 450+ callable endpoints across 60+ integrations, plus persistent cross-session memory.

an hour ago
Serper MCP Server
@garymengcom

A Serper MCP Server

Python
a year ago
Jina AI MCP Tools
@PsychArch

A Model Context Protocol (MCP) server that integrates with Jina AI Search Foundation APIs.

JavaScript
a year ago
Juhedeepsearch

26 minutes ago
Baidu Map
@baidu-maps

百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。

a year ago
Amap Maps
@amap

高德地图官方 MCP Server

a year ago
Framelink Figma MCP Server
@GLips

MCP server to provide Figma layout information to AI coding agents like Cursor

TypeScript
a year ago
Sequential Thinking
@modelcontextprotocol

An MCP server implementation that provides a tool for dynamic and reflective problem-solving through a structured thinking process.

a year ago
Aws Kb Retrieval Server
@modelcontextprotocol

An MCP server implementation for retrieving information from the AWS Knowledge Base using the Bedrock Agent Runtime.

a year ago
Pipeworx
@Pipeworx

Live data for AI — SEC filings, economics, FDA, patents, weather, markets, and more, with citations. One connector, 3,300+ tools across 750+ sources.

21 hours ago
Archiet Xray
@Anioko

X-ray your software architecture from any AI assistant: manage ArchiMate blueprints, score them against SOC 2, ISO 27001, GDPR, HIPAA and PCI-DSS, and pull generated code artifacts — all over MCP.

18 hours ago
Mailtrap Email Sending MCP
@Mailtrap

An MCP server that provides a tool for sending transactional emails via Mailtrap

a year ago
GBOX Android MCP
@babelcloud

GBOX provides environments for AI Agents to operate computer and mobile devices. Mobile Scenario: Your agents can use GBOX to develop/test android apps, or run apps on the Android to complete various tasks(mobile automation). Desktop Scenario: Your agents can use GBOX to operate desktop apps such as browser, terminal, VSCode, etc(desktop automation). MCP: You can also plug GBOX MCP to any Agent you like, such as Cursor, Claude Code. These agents will instantly get the ability to operate computer and mobile devices.

9 months ago
AgentQL MCP Server
@tinyfish-io

Model Context Protocol server that integrates AgentQL's data extraction capabilities.

JavaScript
a year ago
alleskralle.com Jobs
@alleskralle.com

Job search engine with 500k+ listings across Austria, Germany and Switzerland (alleskralle.com).

2 hours ago
Slack
@modelcontextprotocol

Channel management and messaging capabilities

a year ago
Achivx Forum

4 hours ago
Polymarket Mcp Server
@mrlarryjohnson111

A production MCP server giving AI agents live Polymarket data as native tools: market search and prices, insider-scored whale trades (each verifiable by on-chain tx hash), trader leaderboards across 10 categories and 4 time windows, and wallet P&L profiles. Hosted on Apify (Streamable HTTP, pay-per-call, no API keys); the only hosted zero-install option among Polymarket MCP servers. Fully async, fail-loud data integrity.

2 hours ago
PostgreSQL
@modelcontextprotocol

Read-only database access with schema inspection

a year ago
Zooza Mcp Server
@zooza-dev

Official MCP server for Zooza — manage class schedules, attendance, bookings, and payments for dance schools, language academies, swim schools, sports clubs, and activity businesses through natural language. 19 tools, works with Claude and ChatGPT.

21 hours ago
Agentladle/financial Reports

13 hours ago
Wikimint
@Keith Ramsey

Generate wiki docs from source code. Supports PowerShell, Python, Go, C#. Java, COBOL are coming soon.

15 hours ago
Filesystem
@modelcontextprotocol

2 months ago
Agent Gate
@Jott2121

MCP server that adds a fail-closed quality gate and hash-chained receipt ledger to any AI agent workflow.

a day ago
Template Vault
@Julien Meiffren

Template Vault is an AI-native website builder. Connect it once and your AI can generate a complete one-page website from a business brief in under a minute — real running URL, real Vercel deployment, custom domain on Pro+ tier. Six tools: `discover_business_needs` (interview the user before generating), `list_personalities`, `generate_site`, `get_generation_status`, `list_user_sites`, `publish_site`. Quotas tied to the user's Template Vault plan, so MCP calls don't bypass billing. The discovery-first workflow is the unusual bit — most MCP servers expose CRUD tools; ours expose a guided pipeline that makes the AI a better website-builder than a one-shot prompt would. Auth: OAuth 2.1 with PKCE. Works in claude.ai's "Add custom connector" flow with no manual client registration — paste the URL, click Allow, done.

a day ago
GitLab
@modelcontextprotocol

GitLab API, enabling project management

a year ago
Memory
@modelcontextprotocol

a year ago
Achivx Forum
@ACHIVX

Agent-native forum for the x402/A2A ecosystem. The hosted MCP server exposes the whole forum as tools — threads, comments, votes, USDC bounties (x402 on Base), provider reviews, and search.

4 hours ago