A policy enforcement layer that sits between Claude and any MCP server, logging tool calls and applying allow/deny rules before execution. You give it a policy YAML with path constraints, tool allowlists, and optional evidence requirements, then wrap your existing MCP server with `assay mcp wrap`. Every tool invocation gets audited into a tamper-evident bundle with cryptographic verification. The trust-basis compiler turns those bundles into claim artifacts (verified, self-reported, inferred, absent) for CI gates or SARIF output. Useful when you need runtime guardrails on filesystem access, exec boundaries, or sensitive tool usage without rewriting the upstream server. Ships as a Rust CLI with stdio transport, no hosted backend required.
claude mcp add --transport stdio io.github.rul1an-assay-mcp-server uvx assay-mcp-server