Sentinel sits between your MCP clients and backend servers to enforce zero-trust policies before tool calls reach production systems. It strips PII from prompts and responses, requires manual approval for high-risk operations, and writes every request to an audit trail. You'd reach for it when moving from local MCP demos to team or CI deployments where you need guardrails around which tools agents can invoke and what data they can touch. It's part of the oaslananka mcp-suite monorepo alongside Composer for aggregation, Forge for orchestration, and Observatory for metrics. The repo targets stdio transport and runs on Node 24 or later with strict TypeScript throughout.
claude mcp add --transport stdio io.github.oaslananka-sentinel uvx sentinel