Every tool call, observed and enforced.
Navil sits in front of every MCP server, CLI, and API your agents reach. Policy at install, enforcement at runtime.
Capabilities
Policy enforcement
YAML-defined scoping. Agents see only the tools their policy permits. Reduces attack surface and cuts schema tokens per call.
2.7 µs overhead
Rust data plane. p50 2.7 µs, p99 6.1 µs per message. Measurable, not estimated. Benchmark ships in the repo.
568 detection patterns
36 categories covering prompt injection, supply chain, privilege escalation, RAG poisoning, and agent hijacking. Fed by anonymized signal from every deployment.
MCP server wrapping
navil secure Auto-discovers MCP configs and wraps every server in under 60 seconds. Works with Claude Code, Cursor, Continue, and custom agents.
94% token reduction
Schema scoping means agents see only the tools their policy allows. Average 94% reduction in schema tokens per call. Reduces inference cost on every loop.
Audit logs
Structured logs for every tool call: which agent called which tool, what the policy decision was, what it tried that failed. SOC 2 / HIPAA evidence.
Numbers
p99 6.1 µs · Rust data plane · benchmark ships in repo
vs unscoped MCP exposure · reduces inference cost on every loop
across 36 agent-native categories · updated from live network
Start in under a minute.
One command installs the proxy and wraps every MCP server your agent uses.