PolicyLayer Registry

Check any MCP server's identity, risk grade and tool classifications before installing it.

Documentation

MCP REGISTRY STACK CHECK DOCS PRICING THEME GET STARTED

// MCP SERVER

The MCP server that vets MCP servers.

Connect your agent to the registry itself. Before it installs or allows any MCP server, it asks one question: is this safe? It gets back the published record: verified identity with the evidence, risk grade, auth posture and every tool's classification. The registry tracks 44,603 servers and 362,000 classified tools, kept current by continuous scanning. Single-server lookups are free.

ENDPOINT https://api.policylayer.com/mcp Streamable HTTP · no key needed for lookups

// CONNECT

Two lines in any client.

CLAUDE CODE

claude mcp add --transport http policylayer https://api.policylayer.com/mcp

CLAUDE (DESKTOP / WEB)

Settings → Connectors → Add custom connector
URL: https://api.policylayer.com/mcp

CURSOR / WINDSURF / VS CODE

{ "mcpServers": {
  "policylayer": {
    "url": "https://api.policylayer.com/mcp"
} } }

ADDING A REGISTRY LICENCE KEY

In Claude Code, append to the command:

--header "Authorization: Bearer plr_..."

In Cursor / Windsurf / VS Code, add inside "policylayer":

"headers": { "Authorization": "Bearer plr_..." }

Claude desktop/web connectors can't send headers; free lookups only.

Then tell your agent: “check any MCP server against PolicyLayer before installing it.” Add it to your team's agent instructions and every install gets vetted.

// TOOLS

Four tools, one boundary.

check_mcp_server Full record for one server: identity + evidence, risk grade, posture, tools riskiest-first. Unknown servers are queued for scanning by the lookup itself. FREE

search_registry Find published servers by name, slug or package substring, with grade and verification on every match. FREE

check_tool One tool's full classification: risk analysis and evidence, OWASP classes, parameters, recommended policy default. FREE

get_change_events The ordered change feed: drift, posture flips, impostor flags. Cursor-based, severity filters. LICENCE

The boundary, same as everywhere in the registry: anything about oneserver is free; a hobbled free lookup would defeat the point. The licence buys breadth: the change feed here, plus bulk snapshots, keyset paging and webhooks on the /v1 API. Keys are self-serve on the licensing page.

// WHY THIS EXISTS

The decision happens in the agent.

Vet at install time

The moment a server is about to enter your stack is the moment its record matters. Your agent checks identity, posture and tool intelligence across every tracked server without leaving the conversation.

Gate risky tool calls

check_tool answers the narrower question: should_this_ tool on this server be allowed? It returns the classification, the evidence and a recommended policy default your agent can apply.

Misses make the registry better

Look up a server we don't know and the lookup itself queues it for identity resolution and a priority scan. Ask again shortly and the record is there.

×

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

CANCEL SEND

Message sent.

We'll get back to you soon.