AxioRank MCP server
Call AxioRank governance and control-plane capabilities as tools from any MCP client.
AxioRank runs its own remote MCP server. Point an MCP client (Cursor, Claude Desktop, a ChatGPT connector, or your own agent) at it, and AxioRank's capabilities show up as tools: score a tool call, verify a card, search the audit log, quarantine an agent, and more.
The inverse of the MCP gateway
This is not the MCP gateway, which sits in front of other MCP servers to govern them. This server exposes AxioRank itself as tools. The two are unrelated; you can use either or both.
Connect
The server speaks stateless Streamable HTTP at /api/mcp-server/mcp.
Authenticate with an AxioRank API key (axr_live_…) in the Authorization
header. Issue a key in the dashboard under Settings → API keys.
{
"mcpServers": {
"axiorank": {
"type": "http",
"url": "https://app.axiorank.com/api/mcp-server/mcp",
"headers": { "Authorization": "Bearer axr_live_xxxxxxxxxxxxxxxx" }
}
}
}Every call requires a valid key; each tool additionally checks the key's scopes (below). The same auth, rate limits, quota, metering, and audit trail apply as on the REST API. A tool call here is the same governed path as the matching endpoint.
Tools
22 tools, grouped by capability. A key only invokes the tools its scopes allow.
Governance & discovery
| Tool | Does | Scope |
|---|---|---|
axiorank_score_tool_call | Score a proposed agent tool call (risk + allow/deny/hold). | gateway:write |
axiorank_verify_card | Vet a remote agent/server identity card before connecting. | cards:verify |
axiorank_check_approval | Poll the verdict of a held tool call. | gateway:write |
axiorank_get_protocol_coverage | List the agent-interop protocols AxioRank governs. | - |
axiorank_get_health | Liveness probe for the control plane. | - |
Control-plane reads
| Tool | Does | Scope |
|---|---|---|
axiorank_list_agents · axiorank_get_agent | List agents / fetch one agent's posture. | agents:read |
axiorank_list_policies · axiorank_get_policy | List policies / fetch one policy. | policies:read |
axiorank_search_audit_logs | Search the governance audit trail. | logs:read |
axiorank_list_incidents · axiorank_get_incident | List security alerts / fetch kill-chain evidence. | logs:read |
axiorank_list_threat_intel | List cross-tenant network-flagged identities. | logs:read |
axiorank_list_ml_assessments | List recent ML threat assessments. | logs:read |
axiorank_get_usage | Report current billing-period usage. | logs:read |
Control-plane writes
| Tool | Does | Scope |
|---|---|---|
axiorank_quarantine_agent | Reversible kill switch: quarantine or release an agent. | agents:write |
axiorank_revoke_agent | Permanently revoke an agent's keys. | agents:write |
axiorank_create_policy | Create a policy (born disabled for review). | policies:write |
axiorank_update_policy | Enable/disable, rename, or re-prioritize a policy. | policies:write |
Credentials & detectors
| Tool | Does | Scope |
|---|---|---|
axiorank_create_agent | Create an agent and return a bootstrap short-lived token. | agents:write |
axiorank_issue_token | Mint a scoped, short-lived (axr_tok_…) token for an agent. | keys:write |
axiorank_author_detector | Describe a risk in plain English; AI proposes a content detector (saved disabled). | policies:write |
Short-lived tokens only over MCP
axiorank_issue_token mints expiring axr_tok_ tokens (≤ 1 hour, never
replayable) for operational scopes only. Durable static keys (and any
control-plane write scope) are issued in the dashboard, never over MCP, so a
compromised MCP session can't escalate into a long-lived credential.
Next steps
- Gateway API: the same governance over plain HTTP.
- MCP gateway: govern other MCP servers (the inverse of this).
- Protocol adapters: what
verify_cardinspects.