Inspiration
Companies are handing AI agents broad access to production tools and MCP servers because that's what makes them useful. But the moment you connect an MCP server, the agent can call everything it exposes, with no authorization checks and no record security ever sees. Nobody can answer the three questions compliance actually asks: which agent called which tool, were they authorized, and can you prove it? Authorization and audit logging were built for humans and services, not for agents that pick tools mid-session. That gap is especially dangerous in regulated industries like fintech, where an agent accessing the wrong customer's account is a PCI-DSS / SOC 2 incident, not just a bug.
What it does
Warden is a real-time auth and audit platform for AI agents. It captures every MCP tool call an AI agent makes via Datadog's Lapdog, evaluates whether the actor was authorized based on role-based policies, and records every verdict to ClickHouse, all autonomously, with no human in the loop. A live React dashboard surfaces the event feed, session management with persona assignment, an editable policy matrix, and violation alerts with policy citations in real time. Finally
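A sketch of the evaluate-and-record step described above, as an added example that is not Warden's own code. The role names, tool names, policy ids, session table and event shape are all constructed assumptions, and the JSON rows stand in for whatever is written to the audit store.

```python
import json
from datetime import datetime, timezone

# Constructed policy matrix (assumption): role -> {tool: policy id}. Anything absent is denied.
POLICY = {
    "support_agent": {"accounts.read": "POL-001", "tickets.update": "POL-002"},
    "billing_agent": {"accounts.read": "POL-001", "payments.refund": "POL-010"},
}
# Constructed sessions: persona assignment plus the customer the session is scoped to.
SESSIONS = {
    "sess-a": {"agent": "agent-7", "role": "support_agent", "customer_id": "C100"},
    "sess-b": {"agent": "agent-9", "role": "billing_agent", "customer_id": "C200"},
}

def evaluate(event):
    """Return an audit record answering: who called what, was it authorized, and why."""
    session = SESSIONS.get(event.get("session_id"))
    tool = event.get("tool")
    args = event.get("arguments") or {}
    if session is None:
        verdict, citation = "deny", "DEFAULT-DENY: unknown session"
    elif tool not in POLICY.get(session["role"], {}):
        verdict, citation = "deny", f"DEFAULT-DENY: {session['role']} has no grant for {tool}"
    elif args.get("customer_id") != session["customer_id"]:
        # Tool is granted to the role, but the target (or a missing one) is out of scope.
        verdict, citation = "deny", "SCOPE: customer_id outside session scope"
    else:
        verdict, citation = "allow", POLICY[session["role"]][tool]
    return {
        "ts": datetime.now(timezone.utc).isoformat(),
        "session_id": event.get("session_id"),
        "agent": session["agent"] if session else None,
        "role": session["role"] if session else None,
        "tool": tool,
        "verdict": verdict,
        "citation": citation,
    }

# Constructed tool-call events, shaped loosely like MCP tools/call parameters.
EVENTS = [
    {"session_id": "sess-a", "tool": "accounts.read", "arguments": {"customer_id": "C100"}},
    {"session_id": "sess-a", "tool": "accounts.read", "arguments": {"customer_id": "C200"}},
    {"session_id": "sess-a", "tool": "payments.refund", "arguments": {"customer_id": "C100"}},
    {"session_id": "sess-x", "tool": "accounts.read", "arguments": {"customer_id": "C100"}},
]

if __name__ == "__main__":
    for e in EVENTS:
        print(json.dumps(evaluate(e)))  # one JSON row per verdict, allow and deny alike
```

Every path that is not an explicit grant falls through to a deny, and denied calls are recorded with the same fields as allowed ones so the audit trail has no gaps.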