Haldir sits between your AI agent and the tools it uses. Every MCP tool call is intercepted, authorized, and logged.
Quick start:
The problem: AI agents call APIs, spend money, and access credentials with zero oversight.
The fix: Haldir's proxy mode intercepts every tool call:
- Session validated (does this agent have a valid session?)
- Permissions checked (can this agent call this tool?)
- Spend limits enforced (has the budget been exceeded?)
- Policies applied (is this tool on the allow list?)
- Approval checked (does this need human sign-off?)
- Action logged (immutable audit trail)
- Call forwarded to upstream MCP server
Endpoints: haldir.xyz/docs
OpenAPI: haldir.xyz/openapi.json
Smithery: smithery.ai/server/haldir/haldir (98/100)
Haldir sits between your AI agent and the tools it uses. Every MCP tool call is intercepted, authorized, and logged.
Quick start:
The problem: AI agents call APIs, spend money, and access credentials with zero oversight.
The fix: Haldir's proxy mode intercepts every tool call:
Endpoints: haldir.xyz/docs
OpenAPI: haldir.xyz/openapi.json
Smithery: smithery.ai/server/haldir/haldir (98/100)