Labsco
sidclawhq logo

SidClaw GovernanceMCPServer

β˜… 11

from sidclawhq

Governance proxy for MCP servers β€” wraps any server with policy evaluation, human approval workflows, and hash-chain audit trails.

πŸ”₯πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedAccount requiredAdvanced setup

SidClaw

Approve, deny, and audit AI agent tool calls.

Works with MCP, LangChain, OpenAI Agents, Claude Agent SDK, and 15+ more.

Website Β· Documentation Β· Live Demo Β· SDK on npm Β· SDK on PyPI


Your agents call tools without oversight. SidClaw intercepts every tool call, checks it against your policies, and holds risky actions for human review before they execute.

Try it locally (self-contained, no install)

Clone and run:

git clone https://github.com/sidclawhq/platform
cd platform/packages/sidclaw-demo && node cli.mjs

Opens a local governance dashboard at http://localhost:3030 with four pre-loaded scenarios (Claude Code rm -rf, fintech trade, DevOps scale-to-zero, clinical lab order). No signup, no Docker, no API key β€” just the approval card UX running in your browser.

Coming to npm soon: npx sidclaw-demo one-liner will be published alongside the next SDK release. Until then, the clone-and-run path above is the canonical way to see the demo.

See it in action

Atlas Financial Demo

Agent wants to send an email β†’ policy flags it β†’ reviewer sees full context β†’ approves or denies β†’ trace recorded.

Works With Your Stack

Integrations

SidClaw integrates with 18+ frameworks and platforms β€” including OpenClaw (329K+ users), LangChain, OpenAI, MCP, Claude Agent SDK, Google ADK, NemoClaw, Copilot Studio, GitHub Copilot, and more. Add governance in one line of code. See all integrations β†’

See It In Action

Customer Support Agent (Financial Services)

Atlas Financial Demo

An AI agent wants to send a customer email. Policy flags it for review. The reviewer sees full context β€” who, what, why β€” and approves with one click. Every step is traced.

Infrastructure Automation (DevOps)

DevOps Demo

An AI agent wants to scale production services. High-risk deployments require human approval. Read-only monitoring is allowed instantly.

Clinical Decision Support (Healthcare)

Healthcare Demo

An AI assistant recommends lab orders. The physician reviews the clinical context and approves. Medication prescribing is blocked by policy β€” only physicians can prescribe.

How It Works

Agent wants to act β†’ SidClaw evaluates β†’ Policy decides β†’ Human approves (if needed) β†’ Action executes β†’ Trace recorded

Four primitives govern every agent action:

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Identity β”‚ β†’  β”‚  Policy  β”‚ β†’  β”‚ Approval β”‚ β†’  β”‚  Trace   β”‚
β”‚          β”‚    β”‚          β”‚    β”‚          β”‚    β”‚          β”‚
β”‚ Every    β”‚    β”‚ Every    β”‚    β”‚ High-riskβ”‚    β”‚ Every    β”‚
β”‚ agent    β”‚    β”‚ action   β”‚    β”‚ actions  β”‚    β”‚ decision β”‚
β”‚ has an   β”‚    β”‚ evaluatedβ”‚    β”‚ get humanβ”‚    β”‚ creates  β”‚
β”‚ owner &  β”‚    β”‚ against  β”‚    β”‚ review   β”‚    β”‚ tamper-  β”‚
β”‚ scoped   β”‚    β”‚ explicit β”‚    β”‚ with richβ”‚    β”‚ proof    β”‚
β”‚ perms    β”‚    β”‚ rules    β”‚    β”‚ context  β”‚    β”‚ audit    β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
  • allow β†’ action executes immediately, trace recorded
  • approval_required β†’ human sees context card, approves/denies, trace recorded
  • deny β†’ blocked before execution, no data accessed, trace recorded

MCP Governance Proxy

Wrap any MCP server with policy evaluation and approval workflows. Works with Claude Desktop, Cursor, VS Code, GitHub Copilot β€” any MCP client. Listed on the official MCP Registry.

Add to your .mcp.json:

{
  "mcpServers": {
    "postgres-governed": {
      "command": "npx",
      "args": ["-y", "@sidclaw/sdk", "sidclaw-mcp-proxy", "--transport", "stdio"],
      "env": {
        "SIDCLAW_API_KEY": "ai_your_key",
        "SIDCLAW_AGENT_ID": "your-agent-id",
        "SIDCLAW_UPSTREAM_CMD": "npx",
        "SIDCLAW_UPSTREAM_ARGS": "-y,@modelcontextprotocol/server-postgres,postgresql://localhost/mydb"
      }
    }
  }
}
  • SELECT * FROM customers β†’ allowed (~50ms overhead)
  • DELETE FROM customers WHERE id = 5 β†’ held for human approval
  • DROP TABLE customers β†’ denied by policy

Full MCP governance docs β†’

Why not just auth / sandboxing / logging?

ApproachWhat it solvesWhat it doesn't solve
Auth (Okta, OAuth)Who is this agent?Should this specific action execute right now?
Sandboxing (Docker, WASM)Blast radius if something goes wrongWhether the action should happen at all
Logging (Langfuse, LangSmith)What happened after the factIntercepting actions before they execute
Policy engines (OPA)General-purpose policy evaluationApproval workflows, agent-specific context, audit trails
SidClawAll of the above, plus the Approval primitiveβ€”

SidClaw sits at the tool-call layer: the moment an agent decides to act in the real world.

Integrations

SidClaw wraps your existing agent tools β€” no changes to your agent logic.

Agent Frameworks

TypeScriptPython
Core client@sidclaw/sdksidclaw
MCP proxy@sidclaw/sdk/mcpsidclaw.mcp
LangChain@sidclaw/sdk/langchainsidclaw.middleware.langchain
OpenAI Agents@sidclaw/sdk/openai-agentssidclaw.middleware.openai_agents
CrewAI@sidclaw/sdk/crewaisidclaw.middleware.crewai
Vercel AI@sidclaw/sdk/vercel-aiβ€”
Pydantic AIβ€”sidclaw.middleware.pydantic_ai
Claude Agent SDK@sidclaw/sdk/claude-agent-sdksidclaw.middleware.claude_agent_sdk
Google ADK@sidclaw/sdk/google-adksidclaw.middleware.google_adk
LlamaIndex@sidclaw/sdk/llamaindexsidclaw.middleware.llamaindex
Composio@sidclaw/sdk/composiosidclaw.middleware.composio
NemoClaw@sidclaw/sdk/nemoclawsidclaw.middleware.nemoclaw
Webhooks@sidclaw/sdk/webhookssidclaw.webhooks

Platform Integrations

IntegrationDescription
Claude CodeGovern any MCP server in Claude Code. Add a .mcp.json entry β€” zero code changes. Guide β†’
OpenClawGovernance proxy for OpenClaw skills. Published as sidclaw-governance on ClawHub. Guide β†’
MCPGovernance proxy for any MCP server. Listed on the official MCP Registry. CLI binary (sidclaw-mcp-proxy) + programmatic API. Guide β†’
NemoClawGovern NVIDIA NemoClaw sandbox tools with MCP-compatible proxy generation. Guide β†’
Copilot StudioGovernance for Microsoft Copilot Studio skills via OpenAPI action. Guide β†’
GitHub CopilotGovernance for GitHub Copilot agents via HTTP transport. Guide β†’
GitHub Actionsidclawhq/governance-action@v1 β€” reusable CI governance step. Guide β†’

Notification Channels

Approval requests are delivered to your team's preferred channels. Reviewers can approve or deny directly from chat.

ChannelFeatures
SlackBlock Kit messages with interactive Approve/Deny buttons. Messages update in-place after decision.
Microsoft TeamsAdaptive Card notifications with Approve/Deny buttons (Bot Framework) or dashboard links (webhook).
TelegramHTML messages with inline keyboard. Callback updates remove buttons and add reply.
ResendEmail notifications for approval requests via transactional email.

Licensing

ComponentLicenseWhat you can do
SDK (@sidclaw/sdk, sidclaw on PyPI)Apache 2.0Use freely, modify, distribute, commercial use
MCP Proxy (sidclaw-mcp-proxy)Apache 2.0Same as SDK
Platform (API, Dashboard, Docs)FSL 1.1Free for orgs under CHF 1M revenue. Converts to Apache 2.0 in 2028

Start with just the SDK? You don't need the platform. The SDK works standalone with the free hosted API at app.sidclaw.com, or you can self-host everything.

Why This Exists

AI agents are being deployed in production, but the governance layer is missing:

  • 73% of CISOs fear AI agent risks, but only 30% are ready (NeuralTrust 2026)
  • 79% of enterprises have blind spots where agents act without oversight
  • FINRA 2026 explicitly requires "documented human checkpoints" for AI agent actions in financial services
  • EU AI Act (August 2026) mandates human oversight, automatic logging, and risk management for high-risk AI systems
  • OpenClaw has 329K+ stars and 13,700+ skills β€” but 1,184 malicious skills were found in the ClawHavoc campaign. There's no policy layer governing what skills can do.

The big vendors (Okta, SailPoint, WorkOS) handle identity and authorization. But none of them ship the approval step β€” the part where a human sees rich context and makes an informed decision before an agent acts.

Compliance

SidClaw maps to regulatory requirements across the US, EU, Switzerland, and Singapore:

πŸ‡ΊπŸ‡Έ FINRA 2026 Β· πŸ‡ͺπŸ‡Ί EU AI Act Β· πŸ‡¨πŸ‡­ FINMA Β· πŸ‡ΈπŸ‡¬ MAS TRM Β· πŸ‡ΊπŸ‡Έ NIST AI RMF Β· 🌐 OWASP Agentic

Platform Features

For Developers

  • 60-second setup β€” npx create-sidclaw-app scaffolds a working governed agent
  • <50ms evaluation overhead β€” the governance layer is invisible to your users
  • 5-minute integration β€” wrap existing tools, no code changes
  • MCP-native β€” governance proxy for any MCP server
  • Framework-agnostic β€” LangChain, Vercel AI, OpenAI, CrewAI, Pydantic AI, Composio, Claude Agent SDK, Google ADK, LlamaIndex, NemoClaw, or plain functions
  • Typed SDKs β€” TypeScript (npm) + Python (PyPI)

For Security & Compliance Teams

  • Policy engine β€” allow / approval_required / deny with priority ordering and classification hierarchy
  • Approval workflow β€” context-rich cards with agent reasoning, risk classification, and separation of duties
  • Audit trails β€” correlated traces with integrity hash chains (tamper-proof)
  • SIEM export β€” JSON and CSV, continuous webhook delivery

For Platform Teams

  • RBAC β€” admin, reviewer, viewer roles with enforced permissions
  • Tenant isolation β€” automatic tenant scoping on every query
  • API key management β€” scoped keys with rotation
  • Rate limiting β€” per-tenant, per-endpoint-category
  • Webhooks β€” real-time notifications for approvals, traces, lifecycle events
  • Chat integrations β€” approve/deny from Slack, Teams, or Telegram without opening the dashboard
  • Self-serve signup β€” GitHub, Google, email/password

Architecture

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”     β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”     β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Your Agent  β”‚     β”‚  SidClaw SDK β”‚     β”‚  SidClaw API     β”‚
β”‚             β”‚ ──► β”‚              β”‚ ──► β”‚                  β”‚
β”‚ LangChain   β”‚     β”‚ evaluate()   β”‚     β”‚ Policy Engine    β”‚
β”‚ MCP Server  β”‚     β”‚ withGovern() β”‚     β”‚ Approval Service β”‚
β”‚ OpenAI SDK  β”‚     β”‚ governTools()β”‚     β”‚ Trace Store      β”‚
β”‚ Any tool    β”‚     β”‚              β”‚     β”‚ Webhook Delivery β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜     β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜     β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                                                   β”‚
                                          β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”
                                          β–Ό                 β–Ό
                                β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
                                β”‚  Dashboard   β”‚  β”‚ Notificationsβ”‚
                                β”‚              β”‚  β”‚              β”‚
                                β”‚ Agents       β”‚  β”‚ Slack        β”‚
                                β”‚ Policies     β”‚  β”‚ Teams        β”‚
                                β”‚ Approvals    β”‚  β”‚ Telegram     β”‚
                                β”‚ Traces       β”‚  β”‚ Email        β”‚
                                β”‚ Settings     β”‚  β”‚ Webhooks     β”‚
                                β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Documentation

  • Quick Start β€” 2 minutes to first governed action
  • SDK Reference β€” every method documented
  • Integrations β€” MCP, OpenClaw, NemoClaw, LangChain, OpenAI, Claude Agent SDK, Google ADK, Copilot Studio, GitHub Copilot, and more
  • Policy Guide β€” authoring, versioning, testing
  • Compliance β€” πŸ‡ΊπŸ‡Έ FINRA Β· πŸ‡ͺπŸ‡Ί EU AI Act Β· πŸ‡¨πŸ‡­ FINMA Β· πŸ‡ΈπŸ‡¬ MAS TRM Β· πŸ‡ΊπŸ‡Έ NIST AI RMF Β· 🌐 OWASP
  • API Reference β€” every endpoint