SHERIDAN, WY — November 18, 2025 — Safeguard today announced the general availability of Safeguard MCP Server, a governance layer for Model Context Protocol deployments that adds per-tool allowlisting, capability scoping, sensitive-data egress guardrails, and a cryptographic chain of custody for every action an agent takes. The MCP Server is compatible with Claude Code, Cursor, and Cline out of the box, and conforms to the Model Context Protocol specification.
The general availability release responds to a concrete operational problem. As development teams have begun running coding agents and assistants against production systems, the tool surface those agents can reach has expanded faster than the controls around it. An agent that can read source code, run database queries, and post to messaging platforms is, in practice, an unaudited service account with broad authority. Safeguard MCP Server addresses that gap at the protocol level rather than at the agent level.
Tool allowlisting is the first line of control: administrators define the set of tools an agent is permitted to call, and any other tool invocation is refused at the MCP boundary. Capability scoping narrows that further — a single tool can be restricted to a subset of its declared capabilities, so an agent with shell access cannot, for example, run package installers without explicit policy approval.
Sensitive-data egress guardrails are powered by Lino, the on-device inline model in the Safeguard lineup. Lino inspects each outbound payload from a governed tool boundary and refuses or redacts content that matches the customer's data classification rules — secrets, regulated personal data, and internal-only identifiers. Because Lino runs at the boundary rather than after the fact, the data never leaves the protected zone in the first place.
Every action — tool invocation, parameter set, capability granted, redaction applied — is committed to a signed, append-only audit log. The log forms a cryptographic chain of custody that customers and regulators can verify independently of Safeguard. This is the same provenance model the platform uses for SBOM and release artifacts.
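The three mechanisms described above (tool allowlisting with capability scoping, egress redaction at the tool boundary, and the signed append-only audit log) fit into a single gateway path between the agent and the upstream tool server. The block below is an added illustration of that path and is not Safeguard's code. It assumes the standard MCP JSON-RPC `tools/call` request shape and text-content result shape; the policy schema, the `shell` program scope, the regex rules standing in for the Lino model, HMAC signing in place of a public-key signature, the `-32000` error code, and the sample request and leaked tool result are all constructed for the example.

```python
import hashlib
import hmac
import json
import re
import shlex

# Assumed policy schema (not Safeguard's): the tool allowlist, plus one
# capability scope that limits "shell" to listed programs, so a package
# installer is refused even though the shell tool itself is allowed.
POLICY = {"allowed_tools": {"read_file", "run_query", "shell"},
          "shell_programs": {"git", "ls", "cat", "pytest"}}
SHELL_METACHARS = re.compile(r"[;&|$`<>()\n]")  # chaining or substitution: refuse
# Constructed regex classification rules standing in for the Lino model.
SENSITIVE = {"aws_access_key": re.compile(r"AKIA[0-9A-Z]{16}"),
             "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+")}
GENESIS = "0" * 64  # prev-hash of the first log entry

def check_tool_call(request, policy=POLICY):
    """Allowlist and capability scope for one JSON-RPC tools/call request."""
    if request.get("method") != "tools/call":
        return False, "only tools/call is governed here"
    params = request.get("params", {})
    name, args = params.get("name"), params.get("arguments", {})
    if name not in policy["allowed_tools"]:
        return False, f"tool {name!r} is not on the allowlist"
    if name == "shell":
        cmd = args.get("command", "")
        if SHELL_METACHARS.search(cmd):
            return False, "shell metacharacters are outside the scoped capability"
        argv = shlex.split(cmd)
        if not argv or argv[0] not in policy["shell_programs"]:
            return False, f"program {argv[:1]} is outside the shell scope"
    return True, "ok"

def redact_egress(text, rules=SENSITIVE):
    """Redact classified content; returns (text, sorted labels that fired)."""
    fired = []
    for label, rx in rules.items():
        text, n = rx.subn(f"[REDACTED:{label}]", text)
        if n:
            fired.append(label)
    return text, sorted(fired)

def entry_hash(prev, event):
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev + body).encode()).hexdigest()

class AuditLog:
    """Append-only, hash-chained log, HMAC-signed here for brevity (assumption:
    a real deployment uses a public-key signature so auditors need no secret)."""
    def __init__(self, key):
        self.key, self.entries = key, []
    def append(self, event):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        h = entry_hash(prev, event)
        sig = hmac.new(self.key, h.encode(), hashlib.sha256).hexdigest()
        self.entries.append({"prev": prev, "event": event, "hash": h, "sig": sig})
        return h

def verify_chain(entries, key):
    """Independent check: (True, count) or (False, index of first bad entry)."""
    prev = GENESIS
    for i, e in enumerate(entries):
        sig = hmac.new(key, e["hash"].encode(), hashlib.sha256).hexdigest()
        if (e["prev"] != prev or entry_hash(prev, e["event"]) != e["hash"]
                or not hmac.compare_digest(sig, e["sig"])):
            return False, i
        prev = e["hash"]
    return True, len(entries)

def govern_call(request, upstream, log):
    """Gateway path: enforce, forward if allowed, redact the result, log each step.
    `upstream` stands in for the real MCP server behind the gateway."""
    rid, params = request.get("id"), request.get("params", {})
    allowed, reason = check_tool_call(request)
    log.append({"kind": "tools/call", "id": rid, "tool": params.get("name"),
                "arguments": params.get("arguments", {}), "allowed": allowed, "reason": reason})
    if not allowed:  # -32000: assumed server-defined JSON-RPC code for refusals
        return {"jsonrpc": "2.0", "id": rid, "error": {"code": -32000, "message": reason}}
    result = upstream(request)
    fired = []
    for item in result.get("content", []):
        if item.get("type") == "text":
            item["text"], labels = redact_egress(item["text"])
            fired += labels
    if fired:
        log.append({"kind": "redaction", "id": rid, "labels": sorted(set(fired))})
    return {"jsonrpc": "2.0", "id": rid, "result": result}

if __name__ == "__main__":  # constructed walk-through
    log = AuditLog(b"constructed-demo-key")
    leak = {"content": [{"type": "text", "text": "AWS_KEY=AKIAABCDEFGHIJKLMNOP owner=dev@example.com"}]}
    ok = {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
          "params": {"name": "read_file", "arguments": {"path": ".env"}}}
    bad = {"jsonrpc": "2.0", "id": 2, "method": "tools/call",
           "params": {"name": "shell", "arguments": {"command": "ls && pip install x"}}}
    print(govern_call(ok, lambda r: leak, log)["result"]["content"][0]["text"])
    print(govern_call(bad, lambda r: leak, log)["error"]["message"])
    print(verify_chain(log.entries, b"constructed-demo-key"))
```

Run as written, the gateway refuses the `ls && pip install x` call before anything reaches the shell tool (the allowed program `ls` does not rescue a command that chains into `pip`), returns the `read_file` result with the access key and e-mail address replaced by redaction tags, and reports the two-entry chain as valid. Altering any stored event afterwards makes `verify_chain` return the index of the altered entry, which is the check an auditor reruns over an exported log rather than trusting the gateway's own summary.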
"Coding agents made the supply chain mutable in real time, which is exciting and also a governance problem," said Hritik Kumar Sharma, Founder and CEO of Safeguard. "MCP Server is what you put between the agent and the production tool surface so the audit trail still exists when the agent shipped the change at three in the morning."
"The interesting design choice was running the guardrails at the protocol layer," said the Safeguard engineering team. "It means the controls apply regardless of which agent is on the other end."
Safeguard MCP Server is generally available to all customers and can be deployed self-hosted alongside existing Safeguard infrastructure.
About Safeguard
Safeguard is the software supply chain security platform that fuses 11 scanners, a security-only AI model lineup (Griffin · Eagle · Lino), and reachability-aware reasoning to find what pattern scanners miss — from CVEs to candidate zero-days — and to ship the fix with cited reasoning. The platform is built for engineering teams shipping production software and for the regulators auditing them. Learn more at https://safeguard.sh.
Media Contact
press@safeguard.sh