AES-256 Encrypted · 32 Guardrail Templates · Zero AI in the decision path

Your AI Agents Are Powerful.
Your Guardrails Should Be Too.

MCPGate gives you deterministic, per-tool control over what Claude, Cursor, and ChatGPT can do with your Gmail, Slack, GitHub, and 11 more services. No AI in the enforcement path. Rules fire the same way, every time.

Get Started Free →See How It Works
AES-256 Encrypted32 Guardrail Templates14 Connectors106 Tools
MCPGate Dashboard — 16 tool calls, 3 blocked by guardrails

AI Agents Are Powerful. But Unchecked.

Most MCP setups leave you exposed in four ways. MCPGate fixes all of them.

Credentials in Plaintext

Your API keys sit in a JSON config file that your AI can read. One prompt injection away from full exposure.

AES-256-GCM vault — credentials never enter the LLM's context window.

All-or-Nothing Access

Connect Gmail and your AI gets read, send, AND delete. No way to allow read but block send.

Per-tool allow/deny toggles with 32 smart guardrail templates.

JSON Config Hell

Trailing commas crash silently. Backslash escaping trips up Windows users. One wrong character breaks everything.

One OAuth click. Zero config files. 90 seconds to first tool call.

Zero Audit Trail

Your AI sent an email you didn't approve? No log. No record. No way to know what happened.

Full activity log with tool, decision, arguments, and latency for every call.

Set Up in Under 60 Seconds

Three steps from signup to your first secure AI tool call.

1

Connect

Link your services with a single OAuth click. No API keys to manage. No JSON to edit. We handle all the OAuth plumbing so you can get started in seconds.

MCPGate Connectors — 14 services, 3 connected
2

Configure

Set per-tool rules: allow email read, block email send, detect PII, protect branches. 32 templates, zero code. Each MCP App gets its own independent guardrail policy.

MCPGate Guardrails — Gmail tools with Allow/Deny toggles
3

Paste & Go

Copy one URL into Claude Desktop. Your AI now has controlled, audited access to all your services. That's the entire setup.

claude_desktop_config.json
{  "mcpServers": {    "mcpgate": {      "url": "https://api.mcpgate.sh/mcp"    }  }}

Deterministic Rules. Not AI Promises.

Other gateways use AI to detect violations — which means they can be fooled by clever prompts. MCPGate uses explicit allow/deny rules with no LLM in the decision path. Same input, same result, every time.

Other Tools

Detection methodAI-based detection
ReliabilityProbabilistic
Bypass riskCan be bypassed

MCPGate

Detection methodExplicit rules
ReliabilityDeterministic
Bypass riskSame result every time

Email Controls

  • Allow/block domains
  • Max recipients
  • PII detection
  • Block external email

Access Control

  • Per-tool allow/deny
  • Protect values
  • Block deletions
  • Protect labels

Content Rules

  • Keyword blocking
  • Content length limits
  • Block secrets
  • Require prefix

Rate & Time

  • Time windows
  • Cooldowns
  • Rate limits per tool
  • Daily caps

32 Rule Templates · 9 Categories · Per-Tool, Per-App

MCPGate Smart Rules — Expanded rule templates
Industry-First Feature

Different AI Clients. Different Rules.

Give Claude Desktop read-only Gmail while Cursor gets full GitHub access. Each MCP App has its own API key, tool permissions, and guardrail config.

Claude Desktop

mgw_a3f2…9k1m
Gmail3 tools enabled
Slack3 tools enabled
Read-only email, full Slack

Cursor AI

mgw_7x9k…p3r2
GitHub4 tools enabled
Full code access
MCPGate MCP Apps — Claude Desktop and Cursor AI

14 Connectors. 106 Tools. Production-Grade.

Not abandoned npm packages. Every connector is native Go, properly typed, rate-limited, and maintained.

Gmail

7 tools

Calendar

6 tools

Contacts

7 tools

Drive

8 tools

Slack

8 tools

GitHub

10 tools

Notion

7 tools

Linear

8 tools

Jira

8 tools

Trello

7 tools

Discord

7 tools

Dropbox

7 tools

HubSpot

8 tools

Asana

8 tools

Prompt Injection Can't Steal What Claude Never Saw.

Your API credentials are encrypted with AES-256-GCM envelope encryption and per-user keys. They're never returned in API responses and never enter the LLM's context.

Credential Vault

AES-256-GCM encryption with per-user data encryption keys. Credentials are encrypted at rest and in transit.

Zero Exposure

API keys never appear in tool call responses. The LLM literally cannot see your credentials — prompt injection has nothing to steal.

Full Audit Trail

Every tool call is logged with decision, arguments, block reason, and latency. Know exactly what your AI did.

How MCPGate Compares

FeatureDIY MCPZapier MCPComposioMintMCPMCPGate
Setup timeHoursMinutesMinutesWeeks90 seconds
CredentialsPlaintext JSONStored in cloudStored in cloudManagedAES-256 vault
GuardrailsTeam RBACAI-based32 deterministic rules
Per-app configRole-basedFull per-tool
PricingFreePer-action$29/moCall sales$10/mo flat
TargetDevelopersBusinessTeamsEnterpriseEveryone

Simple, Transparent Pricing

No hidden fees. No enterprise sales calls. Start free, upgrade when you need to.

14

Connectors

106

Production Tools

32

Guardrail Rules

<100ms

Average Latency

Frequently Asked Questions

Your AI Should Follow Your Rules.
Set Them in 90 Seconds.

Start for free. No credit card required.

Get Started Free →