Guard every tool call with policy
Keep defines declarative rules that deny, redact, or log AI agent tool calls before they reach upstream services.
Ships as a Go library, MCP relay, and LLM gateway.
Works standalone or composed with Moat.
# Install
$ brew tap majorcontext/tap
$ brew install keep
# Evaluate a call against your rules
$ keep eval --rules rules.yaml call.json
Policy
Declarative Rules
YAML rule files define what to deny, redact, or log. CEL expressions for matching with full access to call structure.
Redaction
Strip sensitive fields from tool call arguments before they leave the agent. Pattern-based or path-based targeting.
Scoped Evaluation
Rules target specific tools, namespaces, or call patterns. Broad defaults with surgical overrides.
Audit Logging
Every evaluation is logged with full context: the call, matched rules, and outcome. Structured JSON for downstream analysis.
Integration
MCP Relay
Drop-in gateway for Claude Code and other MCP clients. Intercepts tool calls, applies policy, forwards approved calls.
LLM Gateway
HTTP proxy between agent and LLM provider. Decomposes tool-use responses and evaluates each call against policy.
Go Library
Embed Keep directly in your Go tooling. Full API for rule loading, evaluation, and result inspection.
CEL Expressions
Rules use Common Expression Language for matching. Type-safe, sandboxed, and familiar to anyone who's used Firebase or Kubernetes.
Why This Exists
AI agents make tool calls—reading files, executing commands, calling APIs. Today, the only control is the system prompt, which is easy to bypass and impossible to audit. An agent told "don't delete files" can still delete files if it decides to.
Keep moves policy enforcement out of the prompt and into infrastructure. Rules are evaluated against the structured call before it executes—not as a suggestion to the model, but as a hard gate. If a call doesn't match policy, it doesn't happen.
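The hard-gate idea described above, as an added example in Go that is not Keep's code, API, or rule format. Plain Go predicates stand in for rule expressions, and the `Call`, `Rule`, `Decision` and `Evaluate` names, the tool names, and the sample policy are all assumptions made for illustration.

```go
package main

import "fmt"

type Call struct { // structured tool call (shape assumed for this example)
	Tool string
	Args map[string]string
}
type Rule struct {
	Name, Action string          // Action: "deny", "redact" or "log"
	Match        func(Call) bool // Go predicate standing in for a rule expression
	Field        string          // argument blanked by a "redact" rule
}
type Decision struct { // doubles as the audit record
	Allowed bool
	Matched []string
	Call    Call // copy that may be forwarded, after redaction
}

// Evaluate applies every rule to the call before it executes.
func Evaluate(rules []Rule, c Call) Decision {
	d := Decision{Allowed: true, Call: Call{c.Tool, map[string]string{}}}
	for k, v := range c.Args {
		d.Call.Args[k] = v // work on a copy; the caller's call is not mutated
	}
	for _, r := range rules {
		if !r.Match(c) { // match the original, unredacted call
			continue
		}
		d.Matched = append(d.Matched, r.Name)
		_, present := d.Call.Args[r.Field]
		switch {
		case r.Action == "redact" && present:
			d.Call.Args[r.Field] = "[REDACTED]"
		case r.Action != "redact" && r.Action != "log":
			d.Allowed = false // "deny" and unknown actions fail closed
		}
	}
	return d
}
var Rules = []Rule{ // constructed policy for this example
	{"no-delete", "deny", func(c Call) bool { return c.Tool == "fs.delete" }, ""},
	{"strip-token", "redact", func(c Call) bool { return c.Args["token"] != "" }, "token"},
	{"audit-http", "log", func(c Call) bool { return c.Tool == "http.post" }, ""},
}

func main() {
	fmt.Printf("%+v\n", Evaluate(Rules, Call{"http.post", map[string]string{"token": "constructed"}}))
}
```

A denied call still comes back with its redacted copy and matched rule names, so the audit record can be written without the sensitive field.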
Get Started
- Introduction — Learn about Keep's rule engine and evaluation model
- Installation — Install the CLI, relay, or library
- Quick Start — Write your first rule and evaluate a call
Keep is open source and in active development. APIs and configuration formats may change. View github.com/majorcontext/keep for the latest updates.