Govern
How to Govern MCP Server Integrations
MCP servers give AI agents access to tools and resources. Every new integration expands the attack surface. Cordum governs which tools execute.
The problem with ungoverned MCP Servers agents
- MCP servers expose tools to any connected client. No built-in governance.
- All-or-nothing permissions per server.
- Each server multiplies unintended action potential.
- No approval workflow. Model calls, server executes.
How Cordum governs MCP Servers
1
Route through Cordum MCP
Cordum provides its own MCP server as a governance proxy.
// Cordum MCP server modes:
// stdio: cordum-mcp --config cordum.yaml
// HTTP/SSE: POST /mcp/message, GET /mcp/sse2
Per-tool policies
Control individual tools within MCP servers.
rules:
- name: github-write-approval
match:
mcp_server: github
tool_category: write
action: REQUIRE_APPROVAL
- name: db-delete-block
match:
tool_name: delete_records
action: DENY3
Constrain parameters
ALLOW_WITH_CONSTRAINTS limits scope: file paths, record counts, API destinations.
4
Unified audit
One log across all MCP servers.
MCP Servers native vs Cordum governance
| Area | MCP Servers Native | With Cordum |
|---|---|---|
| Tool access | All-or-nothing | Per-tool rules |
| Approvals | None | Per tool/category |
| Constraints | Server-side only | Policy-defined |
| Cross-server | Independent | Centralized |
| Audit | Per-server logs | Unified log |
FAQ
Replace my MCP servers?
No. Governance proxy over them.
Any MCP client?
Yes. stdio and HTTP/SSE.
Resources too?
Yes. Tools and resources.
Related guides
Ready to govern your MCP Servers agents?
Start with the open-source Cordum platform. Add policies, approvals, and audit trails in minutes.