Identity, authorization, audit trails, and revocable permissions for AI agents accessing MCP tools.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"civic": {
"url": "https://app.civic.com/hub/mcp"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Connecting AI Agents to tools and data via the Civic MCP Gateway gives builders access to guardrails, scoped permissions, audit trails, and revocable access when calling MCP tools. Civic separates the permission layer from the AI agent so they can't get around restrictions.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@civic/hub-bridge' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @civic/hub-bridge against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security
Security scanner for GitHub repos, Agent Skills, Plugins, and MCP servers. 18 scanners. Zero dependencies.
Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
Model Context Protocol for WinDBG
MCP Security Weekly
Get CVE alerts and security updates for Gateway MCP Server and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Connecting AI Agents to tools and data via the Civic MCP Gateway gives builders access to guardrails, scoped permissions, audit trails, and revocable access when calling MCP tools. Civic separates the permission layer from the AI agent so they can't get around restrictions.
This repository contains integration metadata, configuration files, and client examples. The gateway itself runs at app.civic.com.
Without an identity layer, any AI agent can call any MCP tool with no record of who authorized it, what it accessed, or how to revoke its access. Civic fixes that:
https://app.civic.com/hub/mcp
Transport: Streamable HTTP Auth: Bearer token (generated at app.civic.com)
Sign in at app.civic.com and generate a bearer token from the onboarding flow.
Claude Desktop — native Streamable HTTP:
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"civic": {
"url": "https://app.civic.com/hub/mcp"
}
}
}
Claude Code — native HTTP transport (no bridge needed):
claude mcp add --transport http civic https://app.civic.com/hub/mcp
Or for stdio via Hub Bridge:
claude mcp add civic "npx @civic/hub-bridge"
Cursor — native Streamable HTTP:
Add to your Cursor MCP config:
{
"mcpServers": {
"civic": {
"url": "https://app.civic.com/hub/mcp"
}
}
}
Cline (VS Code) — add to cline_mcp_settings.json:
{
"mcpServers": {
"civic": {
"url": "https://app.civic.com/hub/mcp",
"headers": {
"Authorization": "Bearer YOUR_CIVIC_TOKEN"
}
}
}
}
Windsurf — native Streamable HTTP, no bridge required:
Add to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"civic": {
"serverUrl": "https://app.civic.com/hub/mcp"
}
}
}
Windsurf handles OAuth automatically on first connection.
Append ?profile=your-toolkit to scope the gateway to a specific configuration:
https://app.civic.com/hub/mcp?profile=your-toolkit
For non-interactive agents that can't complete an OAuth flow, generate a bearer token at app.civic.com and pass it directly:
curl -X POST https://app.civic.com/hub/mcp \
-H "Authorization: Bearer $CIVIC_TOKEN" \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"tools/list","id":1}'
| Registry | Link |
|---|---|
| Smithery | smithery.ai/servers/@civic/civic-mcp-gateway |
| ClawHub | clawhub.ai/civictechuser/openclaw-civic-skill |
| Use case | What Civic adds |
|---|---|
| Gmail guardrails & audit | Block outbound sends with secrets, redact PII from email content, log every send |
| Google Calendar guardrails & audit | Prevent event deletion, restrict to business hours, block external attendees |
| PostgreSQL guardrails & audit | Block destructive queries, enforce read-only access, redact sensitive columns |
Full documentation at **[docs.civic.co