Skip to main content
Sentrail offers two connection modes for Claude Code. Choose Option A if you want to intercept local shell commands (rm -rf, git push --force, DROP TABLE, etc.). Use Option B if you only need to govern MCP tool calls routed to an upstream server.
For rm -rf, git push --force, DROP TABLE, and other shell-level commands, you must use Option A (local interceptor). The cloud proxy only sees MCP JSON-RPC calls — it cannot intercept commands the agent runs via bash or a terminal tool.
The Sentrail CLI runs a local proxy at http://localhost:3773. Claude Code connects to it instead of the upstream MCP server. Every tools/call — including shell commands — is classified and checked against your policies before execution.

1. Install the CLI

npm install -g sentrail

2. Initialize

sentrail init
Enter your API key (agk_…), workspace ID, and upstream MCP server URL when prompted. The command writes ~/.sentrail/config.json and prints the MCP snippet for the next step.

3. Add to Claude Code config

Add the following to your Claude Code MCP configuration. The location depends on your setup:
  • Global: ~/.claude/mcp_servers.json
  • Project: .claude/mcp_servers.json in the project root
{
  "mcpServers": {
    "sentrail": {
      "url": "http://localhost:3773"
    }
  }
}

4. Start the interceptor

sentrail start
The proxy runs in the foreground and logs every decision with color coding (green = allow, red = block, yellow = pending approval).

5. Verify with the demo

sentrail demo
The demo simulates four agent actions — rm -rf, git push --force, DROP TABLE, and cat README.md — and shows the decision for each. No real commands are executed.
Do not commit your API key to version control. The ~/.sentrail/config.json file is local to your machine.

Option B — Cloud MCP proxy

Point Claude Code directly at the Sentrail mcp-gate cloud endpoint. This governs MCP tools/call requests to an upstream MCP server but does not intercept local shell commands.

Prerequisites

  • A Sentrail workspace with an MCP server connected (Tools → MCP → Connect)
  • An API key with the mcp scope

Configuration

{
  "mcpServers": {
    "sentrail": {
      "url": "https://<project-ref>.supabase.co/functions/v1/mcp-gate/sse",
      "headers": {
        "Authorization": "Bearer agk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
        "X-Agent-Id": "claude-code"
      },
      "transport": "sse"
    }
  }
}

Verifying the connection

After saving the config, restart Claude Code and run: 
/mcp
You should see sentrail listed as a connected server with the tools from your upstream MCP server.

How it works

Claude Code sends all MCP calls to mcp-gate instead of your upstream server:
  1. initializemcp-gate responds with Sentrail server info and protocol version 2024-11-05
  2. tools/listmcp-gate fetches the tool list from your upstream server (cached 60 seconds) and returns it unchanged
  3. tools/callmcp-gate evaluates the call against your policies, then either forwards it, blocks it, or defers it
When a call requires approval, Claude Code receives a result with _meta.sentrail.status = "require_approval" and a message explaining that approval is needed. Claude Code will surface this to you. Poll the status endpoint or wait for the dashboard notification.

Agent identity

The X-Agent-Id: claude-code header identifies this connection in audit logs. You can create agent-specific policies using this ID: 
{
  "name": "Allow Claude Code to create issues",
  "tool": "mcp",
  "actionPattern": "*",
  "toolNamePattern": "create_issue",
  "conditions": { "allowedAgents": ["claude-code"] },
  "mode": "allow",
  "priority": 10
}

Troubleshooting

Check that the Sentrail MCP endpoint ends with /mcp-gate/sse. stdio is not supported by mcp-gate.
Verify the API key is valid, not expired, and has the mcp scope. Check Settings → API Keys in the dashboard.
Go to Tools → MCP in the dashboard and connect an upstream MCP server before using mcp-gate.