
Averta security
from systempromptio
Secure every MCP server with one governed gateway. Give each AI agent its own scoped MCP access, contain credentials at the gateway, and audit every MCP tool call without wiring agents directly to each server.
What is Averta
Add runtime security checkpoints to OpenAI and Anthropic agent loops.
What is Averta
Averta protects AI agent execution at the points where risk enters or leaves the model loop: user requests, exposed tools, model-requested tool calls, tool results, and final output.
Start with the provider your agent already uses. The wrappers preserve the native provider SDK shape and add Averta decisions around supported calls.
Install the provider wrapper for your runtime.
Wrap an OpenAI client and send one guarded request.
Pick OpenAI, Anthropic, a custom adapter, or the raw API.
Understand why API keys need attached policies.
The Agent Loop
In a tool-using agent, Averta can make decisions before and after the provider call:
-
Request: evaluate user and developer input before the provider sees it.
-
Tool exposure: remove tools that should not be available for this request.
-
Tool call: evaluate model-requested tool calls before your app executes them.
-
Tool result: evaluate returned tool content before it goes back to the model.
-
Output: evaluate final text and rewrite or block when policy requires it.
Common Paths
Install the OpenAI wrapper for JavaScript or Python and keep your existing OpenAI client.
Install @averta-security/sdk-anthropic and wrap your existing Anthropic client.
Create policies, attach them to API keys, and review runtime decisions.
Use a core package or the raw API when provider wrappers are not enough.
This tool doesn't publish a standard install command β the repository README on GitHub covers its setup.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.