MCP server for Hejdar — runtime policy enforcement for AI agents
Project description
hejdar-mcp
MCP server for Hejdar — runtime policy enforcement for AI agents.
This server exposes hejdar_evaluate as an MCP tool. Any MCP-compatible agent (Claude, ChatGPT, Cursor, custom) can call it to check whether an action is permitted by organizational policy before executing it.
The MCP server is a thin wrapper around the Hejdar API (POST /v1/evaluate). It contains no policy logic — all decisions come from your Hejdar organization's configured policies.
Quick Start
1. Install
pip install hejdar-mcp
Or run directly with uvx:
uvx hejdar-mcp
2. Get your API key
Sign up at app.hejdar.com and create an API key in Settings → API Keys.
3. Configure your MCP client
Claude Desktop
Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS, %APPDATA%\Claude\claude_desktop_config.json on Windows):
{
"mcpServers": {
"hejdar": {
"command": "uvx",
"args": ["hejdar-mcp"],
"env": {
"HEJDAR_API_KEY": "hejdar_sk_your_key_here"
}
}
}
}
Claude Code
Add to your Claude Code MCP settings:
{
"mcpServers": {
"hejdar": {
"command": "uvx",
"args": ["hejdar-mcp"],
"env": {
"HEJDAR_API_KEY": "hejdar_sk_your_key_here"
}
}
}
}
Direct (stdio)
export HEJDAR_API_KEY=hejdar_sk_your_key_here
hejdar-mcp
Tool: hejdar_evaluate
Evaluate an agent action against your organization's security policies.
Input:
| Parameter | Type | Required | Description |
|---|---|---|---|
action_type |
string | Yes | READ, WRITE, DELETE, TRANSFER, or EXECUTE |
resource |
string | Yes | Target resource, e.g. customer_database |
agent_name |
string | No | Name of the calling agent, e.g. hr-assistant |
context |
object | No | Free-form metadata (department, user_id, reason, etc.) |
Output:
{
"decision": "DENY",
"policy_id": "pol_abc123",
"reason": "Deletion of customer data requires manager approval",
"risk_level": "HIGH"
}
decision is one of: ALLOW, DENY, WOULD_DENY.
System Prompt Pattern
For best results, add this to your agent's system prompt:
You have access to the hejdar_evaluate tool. Before performing any action
that reads, writes, deletes, transfers data, or executes commands on
external systems, you MUST call hejdar_evaluate first.
If hejdar_evaluate returns DENY or WOULD_DENY, do NOT proceed with the
action. Instead, inform the user that the action was blocked by policy
and include the reason provided.
Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
HEJDAR_API_KEY |
Yes | — | Your Hejdar API key |
HEJDAR_API_URL |
No | https://api.hejdar.com |
API base URL (for self-hosted) |
Security
- API key is read from environment variables only — never hardcoded or exposed in tool I/O
- All inputs are validated and sanitized before forwarding to the API
- Error responses never leak internal details, API keys, or stack traces
- All API calls enforce TLS
Development
git clone https://github.com/ARKALDA/hejdar-mcp.git
cd hejdar-mcp
pip install -e ".[dev]"
pytest
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hejdar_mcp-0.1.0.tar.gz.
File metadata
- Download URL: hejdar_mcp-0.1.0.tar.gz
- Upload date:
- Size: 9.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
469de91a4767a41025312373b2c79029257509479d034711c819bf54e953f91c
|
|
| MD5 |
ddf8c144885c7af2686a9c4487667817
|
|
| BLAKE2b-256 |
154b25793ab498556a937fae84c5e2a8eef961f1fdfeea08dff4ddb7c976227c
|
File details
Details for the file hejdar_mcp-0.1.0-py3-none-any.whl.
File metadata
- Download URL: hejdar_mcp-0.1.0-py3-none-any.whl
- Upload date:
- Size: 7.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
63074e4500a8b62af0df6ecb06cb33544a737173c1dc617b3d72959dee66d007
|
|
| MD5 |
2e3c485da58e296ec6b58e6715f52c83
|
|
| BLAKE2b-256 |
6750cab6263c19971a200ded96041f0a02d84c0bd5d82d770eba0596dea15805
|