deterministic-agent-control-protocol

This MCP server provides governance for AI agent actions by routing every action request through a policy-enabled control plane before execution. It does not perform actions itself; instead it evaluates requests against defined constraints, budgets, and risk levels, then either allows execution, blocks it with a logged reason, or gates it behind human approval. The server integrates with common agent shells and tooling ecosystems (Cursor, Codex, Claude Code, and compatible MCP clients) and supports a language-agnostic HTTP API for external tooling.

To use it, install the CLI tooling and bootstrap governance for your agent, or run sessions locally using the provided policy files. You can define capabilities and limits in a policy file, then the MCP server will enforce those rules across tool invocations, file access, and commands. When an action is evaluated, you receive a verdict and, if allowed, you perform the action yourself and record the result in the evidence ledger. The system emphasizes auditable, bounded, and reversible actions with explainable decisions, ensuring you can trace why a tool was allowed or denied and how it affects the overall task.

Prerequisites:

• Node.js (LTS version) and npm installed on your machine
• Basic familiarity with CLI tools

1. Install the CLI globally (or use npx per project):

   npm install -g det-acp-cli

2. Initialize a new MCP policy and config for your agent:

   npx det-acp init cursor # For Cursor integration npx det-acp init codex # For Codex integration npx det-acp init claude-code # For Claude Code integration

   This generates default policy.yaml, policy files, and an MCP config file. Edit policy.yaml to tailor capabilities, limits, gates, and session behavior to your needs.

3. Start the MCP server (example using the hosted CLI flow):

   node server.js # or the appropriate start command for your setup

4. If you’re integrating with a specific agent, follow the agent-specific integration guide in the repository’s docs to connect your agent to the MCP HTTP API

Tips and common considerations:

• Keep policy.yaml under version control with explicit capabilities and limits to ensure repeatable governance.
• Use the evidence ledger to audit actions and support reversibility and explainability.
• If you encounter permission denials, review the gates and risk_level settings in your policy; adjust to balance safety with productivity.
• When integrating multiple agents (Cursor, Codex, Claude Code), ensure consistent policy references across integrations to avoid policy drift.
• Ensure your MCP server has access to the policy files, ledger storage, and any external services needed for human approval workflows.