ARKALDA/hejdar-mcp

MCP server for Hejdar — runtime policy enforcement for AI agents.

This server exposes hejdar_evaluate as an MCP tool. Any MCP-compatible agent (Claude, ChatGPT, Cursor, custom) can call it to check whether an action is permitted by organizational policy before executing it.

The MCP server is a thin wrapper around the Hejdar API (POST /v1/evaluate). It contains no policy logic — all decisions come from your Hejdar organization's configured policies.

Quick Start

1. Install

pip install hejdar-mcp

Or run directly with uvx:

uvx hejdar-mcp

2. Get your API key

Sign up at app.hejdar.com and create an API key in Settings → API Keys.

3. Configure your MCP client

Claude Desktop

Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS, %APPDATA%\Claude\claude_desktop_config.json on Windows):

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": ["hejdar-mcp"],
      "env": {
        "HEJDAR_API_KEY": "hejdar_sk_your_key_here"
      }
    }
  }
}

Claude Code

Add to your Claude Code MCP settings:

{
  "mcpServers": {
    "hejdar": {
      "command": "uvx",
      "args": ["hejdar-mcp"],
      "env": {
        "HEJDAR_API_KEY": "hejdar_sk_your_key_here"
      }
    }
  }
}

Direct (stdio)

export HEJDAR_API_KEY=hejdar_sk_your_key_here
hejdar-mcp

Getting Started

1. Install: pip install hejdar-mcp or uvx hejdar-mcp
2. Get an API key — contact us at [email protected] or visit hejdar.com
3. Configure your MCP client (see configuration example above)

Tool: hejdar_evaluate

Evaluate an agent action against your organization's security policies.

Input:

Parameter	Type	Required	Description
action_type	string	Yes	READ, WRITE, DELETE, TRANSFER, or EXECUTE
resource	string	Yes	Target resource, e.g. customer_database
agent_name	string	No	Name of the calling agent, e.g. hr-assistant
context	object	No	Free-form metadata (department, user_id, reason, etc.)

Output:

{
  "decision": "DENY",
  "policy_id": "pol_abc123",
  "reason": "Deletion of customer data requires manager approval",
  "risk_level": "HIGH"
}

decision is one of: ALLOW, DENY, WOULD_DENY.

System Prompt Pattern

For best results, add this to your agent's system prompt:

You have access to the hejdar_evaluate tool. Before performing any action
that reads, writes, deletes, transfers data, or executes commands on
external systems, you MUST call hejdar_evaluate first.

If hejdar_evaluate returns DENY or WOULD_DENY, do NOT proceed with the
action. Instead, inform the user that the action was blocked by policy
and include the reason provided.

Environment Variables

Variable	Required	Default	Description
HEJDAR_API_KEY	Yes	—	Your Hejdar API key
HEJDAR_API_URL	No	https://api.hejdar.com	API base URL (for self-hosted)

Security

• API key is read from environment variables only — never hardcoded or exposed in tool I/O
• All inputs are validated and sanitized before forwarding to the API
• Error responses never leak internal details, API keys, or stack traces
• All API calls enforce TLS

Development

git clone https://github.com/ARKALDA/hejdar-mcp.git
cd hejdar-mcp
pip install -e ".[dev]"
pytest

License

MIT