hejdar-mcp
MCP server for Hejdar — runtime policy enforcement for AI agents.
This server exposes hejdar_evaluate as an MCP tool. Any MCP-compatible agent (Claude, ChatGPT, Cursor, custom) can call it to check whether an action is permitted by organizational policy before executing it.
The MCP server is a thin wrapper around the Hejdar API (POST /v1/evaluate). It contains no policy logic — all decisions come from your Hejdar organization's configured policies.
Quick Start
1. Install
pip install hejdar-mcp
Or run directly with uvx:
uvx hejdar-mcp
2. Get your API key
Sign up at app.hejdar.com and create an API key in Settings → API Keys.
3. Configure your MCP client
Claude Desktop
Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS, %APPDATA%\Claude\claude_desktop_config.json on Windows):
{
"mcpServers": {
"hejdar": {
"command": "uvx",
"args": ["hejdar-mcp"],
"env": {
"HEJDAR_API_KEY": "hejdar_sk_your_key_here"
}
}
}
}
Claude Code
Add to your Claude Code MCP settings:
{
"mcpServers": {
"hejdar": {
"command": "uvx",
"args": ["hejdar-mcp"],
"env": {
"HEJDAR_API_KEY": "hejdar_sk_your_key_here"
}
}
}
}
Direct (stdio)
export HEJDAR_API_KEY=hejdar_sk_your_key_here
hejdar-mcp
Getting Started
- Install:
pip install hejdar-mcporuvx hejdar-mcp - Get an API key — contact us at hello@hejdar.com or visit hejdar.com
- Configure your MCP client (see configuration example above)
Tool: hejdar_evaluate
Evaluate an agent action against your organization's security policies.
Input:
| Parameter | Type | Required | Description |
|---|---|---|---|
action_type | string | Yes | READ, WRITE, DELETE, TRANSFER, or EXECUTE |
resource | string | Yes | Target resource, e.g. customer_database |
agent_name | string | No | Name of the calling agent, e.g. hr-assistant |
context | object | No | Free-form metadata (department, user_id, reason, etc.) |
Output:
{
"decision": "DENY",
"policy_id": "pol_abc123",
"reason": "Deletion of customer data requires manager approval",
"risk_level": "HIGH"
}
decision is one of: ALLOW, DENY, WOULD_DENY.
System Prompt Pattern
For best results, add this to your agent's system prompt:
You have access to the hejdar_evaluate tool. Before performing any action
that reads, writes, deletes, transfers data, or executes commands on
external systems, you MUST call hejdar_evaluate first.
If hejdar_evaluate returns DENY or WOULD_DENY, do NOT proceed with the
action. Instead, inform the user that the action was blocked by policy
and include the reason provided.
Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
HEJDAR_API_KEY | Yes | — | Your Hejdar API key |
HEJDAR_API_URL | No | https://api.hejdar.com | API base URL (for self-hosted) |
Security
- API key is read from environment variables only — never hardcoded or exposed in tool I/O
- All inputs are validated and sanitized before forwarding to the API
- Error responses never leak internal details, API keys, or stack traces
- All API calls enforce TLS
Development
git clone https://github.com/ARKALDA/hejdar-mcp.git
cd hejdar-mcp
pip install -e ".[dev]"
pytest
License
MIT