Connect CrewAI crews to GuardEntry's Agent Policy Router via MCP. Every action your agents propose — research queries, write operations, external API calls — is evaluated against your policy before it executes. Blocked actions are logged with full reasoning.
MCP server
GuardEntry runs a local MCP server (HTTP, Streamable transport). CrewAI agents connect via MCPServerHTTP.
Policy gate
Every agent action calls guardentry_evaluate_action. GuardEntry evaluates it against your policy in ~20–50ms.
Audit log
Every decision — allow, block, or require_approval — is logged with full reasoning in your GuardEntry dashboard.
```bash
pip install crewai
```
GuardEntry ships a Streamable HTTP MCP server that exposes the policy router as tools CrewAI agents can call.
```bash
git clone https://github.com/guardentryai/mcp-server.git
cd mcp-server
npm install
```
Start the server with your API key:
```bash
GUARDENTRY_API_KEY=ge_k1_your_key_here npm run start:http
# GuardEntry APR MCP server listening on http://localhost:3001/mcp
# Health: http://localhost:3001/health
```
Set MCP_TOOLS=guardentry_evaluate_action to expose only the evaluate tool. This avoids the Anthropic API union-type limit when using Claude as CrewAI's LLM.
Add the MCP server to your agent's mcps field. GuardEntry evaluates every action your agents propose before they execute.
```python
from crewai import Agent, Task, Crew, LLM
from crewai.mcp.config import MCPServerHTTP
import os

# Connect to GuardEntry APR — gates every agent action
mcp = MCPServerHTTP(
    url="http://localhost:3001/mcp",
    headers={"Authorization": f"Bearer {os.environ['GUARDENTRY_API_KEY']}"},
)

llm = LLM(
    model="anthropic/claude-haiku-4-5-20251001",
    api_key=os.environ["ANTHROPIC_API_KEY"],
)
```
A two-agent crew that researches a vendor's security posture and produces a risk score. GuardEntry gates every data access and write action before it executes.
```python
# Both agents share the same MCP connection and LLM defined above.
researcher = Agent(
    role="Vendor Security Researcher",
    goal="Research a vendor's security posture and surface findings",
    backstory="You research vendor security certifications, breach history, and SLAs.",
    mcps=[mcp], llm=llm, verbose=True,
)

analyst = Agent(
    role="Risk Analyst",
    goal="Score vendor risk and recommend approve / conditional / reject",
    backstory="You turn security findings into a scored risk decision with remediation steps.",
    mcps=[mcp], llm=llm, verbose=True,
)

# The task text instructs the agent to call the policy tool before each data access.
research_task = Task(
    description=(
        "Research Acme Corp's security posture. Before accessing any external data source, "
        "call guardentry_evaluate_action with subject_type='task' to confirm the action is "
        "allowed. Gather: SOC 2 / ISO 27001 status, known breaches (last 3 years), uptime SLA."
    ),
    expected_output="Security posture summary with GuardEntry policy decisions logged",
    agent=researcher,
)

scoring_task = Task(
    description=(
        "Using the research, produce a vendor risk score (1–10) and recommendation. "
        "Gate your final write action through guardentry_evaluate_action before submitting."
    ),
    expected_output="Risk score, recommendation (approve/conditional/reject), remediation steps",
    agent=analyst,
)

# Run the tasks in order: research first, then scoring.
result = Crew(agents=[researcher, analyst],
              tasks=[research_task, scoring_task]).kickoff()
print(result)
```
Every guardentry_evaluate_action call is logged in your GuardEntry dashboard under Agent Policies → Decisions, with full reasoning, confidence score, and latency.

| Parameter | Required | Description |
|---|---|---|
| subject_content | Yes | The action text to evaluate |
| subject_type | Yes | task \| tool_argument \| prompt \| plan \| tool_result |
| agent_id | No | Identifier for the calling agent — appears in audit log |
| agent_type | No | Drives auto-policy inference (e.g. 'compliance', 'devops') |
| mode | No | fast \| balanced \| strict — default: balanced |
| correlation_id | No | Thread ID that links ingress + egress decisions in the audit log |
| policy | No | Inline policy object — bypasses store lookup, useful for testing |
```jsonc
{
  "decision": "allow",   // allow | block | require_approval | verify | uncertain
  "confidence": 0.92,    // 0–1
  "reasoning": "Action is within policy bounds for vendor research tasks.",
  "latencyMs": 38,
  "policyContext": {
    "matchedRule": null,
    "policyId": "pol_abc123"
  },
  "skillGuidance": {
    "skill": "auto",
    "blockResponse": false,
    "displayAlert": false,
    "escalate": false,
    "logEvent": true
  }
}
```

| Decision | Meaning |
|---|---|
| allow | Proceed with the action |
| block | Do not execute — reasoning explains why |
| require_approval | Pause and wait for a human to approve in the GuardEntry dashboard |
| verify | Low-confidence allow — log and monitor closely |

⚠️ Anthropic API 400 — too many union types
Start the MCP server with MCP_TOOLS=guardentry_evaluate_action to expose only one tool. Claude has a ~16-param union-type limit across all tools.
⚠️ 401 Invalid API key
Check GUARDENTRY_API_KEY starts with ge_k1_ and matches what's in Settings → API Keys. Re-create the key if unsure.
⚠️ Connection refused on localhost:3001
The MCP server isn't running. Run GUARDENTRY_API_KEY=... npm run start:http in the mcp-server directory.
⚠️ All decisions are allow even for risky actions
Your policy may be in Observability Mode (👁 badge in dashboard). Violations are logged but not blocked. Switch to Enforcement in policy settings.
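A caller-side handler for the decision values in the response format above, added here as an example and not GuardEntry's own code: it fails closed on anything other than a documented allow or verify. The names `Verdict`, `enforce` and `min_confidence`, and the choice to halt on `uncertain`, are assumptions of this example; the sample responses are constructed.

```python
from dataclasses import dataclass

PROCEED = {"allow", "verify"}                      # decisions the page says may run
HALT = {"block", "require_approval", "uncertain"}  # halting on "uncertain" is an assumption


@dataclass(frozen=True)
class Verdict:
    proceed: bool      # may the caller execute the action?
    needs_human: bool  # route to a person before retrying
    monitor: bool      # executed, but flag for close review
    reason: str


def enforce(response, min_confidence=0.0):
    """Turn a guardentry_evaluate_action result into a fail-closed verdict."""
    if not isinstance(response, dict):
        return Verdict(False, True, False, "malformed response")
    decision = response.get("decision")
    conf = response.get("confidence")
    reason = str(response.get("reasoning", ""))
    if not isinstance(decision, str) or decision not in PROCEED | HALT:
        return Verdict(False, True, False, f"unknown decision {decision!r}")
    if decision in HALT:
        # block is final; require_approval and uncertain go to a person.
        return Verdict(False, decision != "block", False, reason)
    conf_ok = (isinstance(conf, (int, float)) and not isinstance(conf, bool)
               and 0 <= conf <= 1)
    if not conf_ok or conf < min_confidence:
        return Verdict(False, True, False, f"confidence {conf!r} not acceptable")
    return Verdict(True, False, decision == "verify", reason)


# Constructed sample responses in the shape of the response format above.
SAMPLES = [
    {"decision": "allow", "confidence": 0.92, "reasoning": "within policy"},
    {"decision": "verify", "confidence": 0.55, "reasoning": "low-confidence allow"},
    {"decision": "require_approval", "confidence": 0.8, "reasoning": "write action"},
    {"decision": "block", "confidence": 0.97, "reasoning": "policy violation"},
    {"decision": "permit", "confidence": 0.99},   # not a documented value
    {"decision": "allow"},                        # confidence missing
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample.get("decision"), "->", enforce(sample))
```

Running the check in code around the tool call, rather than only asking for it in the task description, means the action still stops when the response is malformed or carries an unexpected decision.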
The in-dashboard wizard mints a scoped API key and walks you through the setup in 10 minutes.