How to Govern Claude-Powered Agents
Claude agents use tool calls and MCP integrations to take real-world actions. Cordum governs those actions before they execute.
The problem with ungoverned Claude agents
- Claude tool use lets agents call external APIs, modify databases, and send messages. Constitutional training helps but is not enforceable policy.
- MCP servers expand Claude's capability surface. Every new integration adds tools without governance.
- Agent frameworks built on Claude execute multi-step tool chains. One unconstrained call causes cascading side effects.
- No built-in approval workflow for Claude tool calls.
How Cordum governs Claude Agents
Route Claude agent tasks through Cordum
Submit Claude agent jobs via CAP v2. Safety Kernel evaluates every tool call against your policy bundle before dispatch.
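// agentPrompt and taskDescription are strings supplied by the caller.
const job = {
  type: "claude.agent.run",
  payload: {
    model: "claude-sonnet-4-6",
    // Tools the agent may request; each call is checked against policy.
    tools: ["mcp:github", "mcp:slack", "file-write"],
    systemPrompt: agentPrompt,
    userMessage: taskDescription,
  },
};
await cordumClient.jobs.submit(job);

Govern MCP tool access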
Define which MCP servers and tools each agent can use. Policies restrict access based on server, tool name, or context.
# Govern MCP tool usage
rules:
  - name: restrict-github-write
    match:
      tools_contains: "mcp:github"
      action_type: "write"
    action: REQUIRE_APPROVAL
    approvers: ["engineering-lead"]
  - name: allow-slack-read
    match:
      tools_contains: "mcp:slack"
    action: ALLOW

Pre-dispatch safety for tool chains
When a Claude agent plans a multi-step tool chain, Cordum evaluates the full plan before execution starts.
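The following sketch is an added example, not Cordum's code: it evaluates a planned tool chain against the two rules above before anything runs. The first-match-wins ordering, the DENY fallback for unmatched calls, the strictest-step-wins plan decision, and the call shape `{ tool, action_type }` are all assumptions of this sketch.

```javascript
// Added sketch, not Cordum's implementation. Assumed semantics: first matching
// rule wins, unmatched calls fall back to DENY (a name used only here), and a
// plan takes the strictest decision among its steps.
const rules = [ // the policy bundle from the page, as plain objects
  { name: "restrict-github-write",
    match: { tools_contains: "mcp:github", action_type: "write" },
    action: "REQUIRE_APPROVAL", approvers: ["engineering-lead"] },
  { name: "allow-slack-read",
    match: { tools_contains: "mcp:slack" },
    action: "ALLOW" },
];

const SEVERITY = { ALLOW: 0, REQUIRE_APPROVAL: 1, DENY: 2 };

// A match key that is absent from the rule places no constraint on the call.
function evaluateCall(call, ruleset) {
  for (const rule of ruleset) {
    const m = rule.match;
    const toolOk = m.tools_contains === undefined || call.tool === m.tools_contains;
    const typeOk = m.action_type === undefined || call.action_type === m.action_type;
    if (toolOk && typeOk) {
      return { action: rule.action, rule: rule.name, approvers: rule.approvers ?? [] };
    }
  }
  return { action: "DENY", rule: null, approvers: [] };
}

// Evaluate every step up front so a later blocked step stops the whole chain
// before the earlier steps have produced side effects.
function evaluatePlan(plan, ruleset) {
  const steps = plan.map((call) => ({ call, ...evaluateCall(call, ruleset) }));
  const decision = steps.reduce(
    (worst, s) => (SEVERITY[s.action] > SEVERITY[worst] ? s.action : worst), "ALLOW");
  const approvers = [...new Set(steps.flatMap((s) => s.approvers))];
  return { decision, approvers, steps };
}

// Constructed sample plan: the last step matches no rule.
const samplePlan = [
  { tool: "mcp:slack", action_type: "read" },
  { tool: "mcp:github", action_type: "write" },
  { tool: "file-write", action_type: "write" },
];
const result = evaluatePlan(samplePlan, rules);
console.log(result.decision, result.steps.map((s) => `${s.call.tool}:${s.action}`));
```

Under these assumed semantics, `allow-slack-read` also matches a Slack write, because its `match` block has no `action_type`; a rule meant to be read-only needs that key.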
Full audit trail with MCP context
Every tool call, MCP interaction, and policy decision is recorded in a structured timeline.
Claude Agents native vs Cordum governance
| Area | Claude Agents Native | With Cordum |
|---|---|---|
| Pre-dispatch tool governance | Constitutional training (soft constraint) | Hard policy enforcement before execution |
| MCP access control | Server-level on/off only | Per-tool, per-context policy rules |
| Approval workflows | None built-in | REQUIRE_APPROVAL with configurable approvers |
| Tool chain governance | No multi-step policy checking | Evaluate full plan before execution |
| Audit trail | API logs | Structured run timeline with policy evidence |
FAQ
Does Cordum work with Claude native tool use?
Yes. Cordum wraps the tool execution lifecycle. Claude decides which tools to call; Cordum ensures policy checks are applied before those calls execute.
Can I use the Cordum MCP server with Claude?
Yes. Cordum provides both stdio and HTTP/SSE MCP endpoints.
Ready to govern your Claude agents?
Start with the open-source Cordum platform. Add policies, approvals, and audit trails in minutes.