Runplane
MCP Integration

Guard MCP Tool Calls Before They Execute

Enforce action policies on Model Context Protocol tool calls before Claude or any LLM executes them. Full runtime control for MCP servers.

MCP gives LLMs direct access to tools

File systems, APIs, databases — MCP connects them all directly to the model. Nothing stops a tool call from running automatically. One misconfigured prompt can lead to data deletion, unauthorized access, or runaway API calls.

Without Runplane
Agent decidesTool executesNo control

Runplane sits in front of MCP tool execution

Intercept every MCP tool call and enforce policies per action type. Block dangerous operations, require approval for sensitive actions, and log everything for compliance.

agent.ts
import { Shield } from "@runplane/runplane-sdk";

const runplane = new Shield({
  apiKey: process.env.RUNPLANE_API_KEY
});

// Before executing any MCP tool call
const result = await runplane.guard(
  "execute_mcp_tool",
  "mcp-server",
  { tool: toolName, args: toolArgs },
  async () => mcpServer.executeTool(toolName, toolArgs)
);

// Handle the result
if (result.decision === "BLOCKED") {
  return { error: "Action blocked by policy" };
}

return result.output;

What You Get

Enforce policies per MCP server

Block file system and database access

Require approval for API mutations

How Runplane Works

1

Intercept

guard() intercepts the action before execution

2

Decide

Policy engine evaluates and returns a decision

3

Execute or Halt

Action runs, blocks, or waits for approval

ALLOW
REQUIRE_APPROVAL
BLOCK

Protect Any MCP Server

File System

Database

Git Operations

External APIs

Start free at runplane.ai

Add runtime control to your MCP agents in minutes. No credit card required.