multicorn
Product

The control layer for AI agents

Multicorn Shield gives your team consent screens, spending controls, and activity logging for every AI agent. One SDK for full oversight.

Start for freeView on GitHub

How It Works

Two paths to add Shield. Pick the one that fits your setup. Both give you the same dashboard, the same controls, the same peace of mind.

Path A: SDK

1

Install the SDK

Add Shield to your project with one command.

Terminal
npm install multicorn-shield
2

Get your API key

Sign up at app.multicorn.ai and create an API key in Settings. You will paste it into the snippet below.

Sign upI already have an account
3

Add to your agent code

Initialize Shield and request consent from users. Store your key in an environment variable - do not commit it to source control.

JavaScript
import { MulticornShield } from "multicorn-shield";

const shield = new MulticornShield({
  apiKey: process.env.MULTICORN_API_KEY,
});
4

Consent screen shown

Users review and approve what the agent wants to do, before it acts.

5

Actions logged

Every action recorded with a tamper-evident audit trail.

6

View in your dashboard

See all agent activity, permissions, and spending in one place.

Shield API

Permissions, logging, controls

Dashboard

Same view, regardless of path

Everything you need to govern AI agents

One SDK to define what agents can do, track what they did, and keep your users in control.

Consent screens

A drop-in approval screen so users can review and approve what an agent wants to do, before it acts. Framework-agnostic, works everywhere.

Spending controls

Set per-transaction, daily, and monthly limits. Know exactly what your agents spend and stop them before they go over budget.

Activity logging

A tamper-evident audit trail of every action every agent takes. See what happened, when, and why, with hash-chain integrity.

Permission management

Define exactly what each agent can access, like Gmail, Calendar, Slack, and GitHub, with granular, per-service permissions.

MCP integration

Middleware for Model Context Protocol servers. Sits between agents and tools, enforcing permissions on every call automatically.

Open source

MIT-licensed, fully auditable. Read the code, run the tests, extend it for your needs. No black boxes.

Team policies

Set organization-wide rules for what agents can do. Apply policies across teams so every agent follows the same guardrails.

Approval workflows

Require sign-off for high-risk actions. Route approvals automatically based on action type or spending amount.

See the consent screen in action

This is how the consent screen appears to your users. Try toggling permissions, adjusting the spending limit, and approving or denying the agent.

Verified Agent
OpenClaw Agent
wants access to your services
Permissions
Gmail
Read and manage emails
Google Calendar
View and create events
Payments
Make purchases on your behalf
Slack
Read and send messages
Spending limit
Per transaction without approval
$50
$0$500

See everything your agents do

The Shield dashboard gives you a real-time view of every agent, every action, and every permission, all in one place.

Up and running in minutes

Two paths to start controlling your AI agents. Pick the one that fits your setup.

Already using an MCP server with Claude Code, OpenClaw, or another agent? Add Shield as a proxy in front of it.

1

Get your API key

Terminal
# Sign up at app.multicorn.ai, then create a key in Settings
export MULTICORN_API_KEY=mcs_your_key_here
2

Wrap your MCP server

Terminal
npx multicorn-proxy --wrap npx @modelcontextprotocol/server-filesystem /tmp

Prefer a config file? Run npx multicorn-proxy init and pick "Local MCP / Other". Full MCP proxy guide

GitHubnpm

See it in action

Run the proxy, make a tool call, and watch it appear in the dashboard in real time.

Terminal

$ npx multicorn-proxy --wrap npx @modelcontextprotocol/server-filesystem /tmp

[multicorn-proxy] Proxy starting. agent=filesystem

[multicorn-proxy] Agent resolved. agent=filesystem scopes=3

[multicorn-proxy] Proxy ready. agent=filesystem

[multicorn-proxy] Tool call intercepted. tool=filesystem_read_file allowed=true

[multicorn-proxy] Action logged. service=filesystem action=read_file status=approved

[multicorn-proxy] Tool call intercepted. tool=gmail_send_email allowed=false

[multicorn-proxy] Action blocked. service=gmail reason=no execute access

â–ˆ

We Run Shield on Shield

Every production deployment of Multicorn runs through Shield. When a deploy touches authentication code, security configuration, or database migrations, Shield pauses the pipeline and sends an approval request. Outside business hours, every deploy requires approval regardless of what changed.

No code reaches production without passing through the same permission checks, audit trail, and approval flow that Shield provides to your team.

MIT licensed

Use, modify, and self-host

Open source

Code and issues on GitHub

Built in Australia

Designed by the Multicorn team

Not sure if Shield is right for you?

Different tools solve different problems. See how Shield compares to other AI agent control tools - Agent Safehouse, agentsh, and AgentGate - and find the right fit for your team.

Compare Shield to alternativesRead the threat model

Start controlling your AI agents today

Free to start, no credit card required. Set up consent screens and spending controls in minutes.

Start for freeView on GitHub