nairinairi
Try Now
← Back to changelog

MCP Tool Proxy

MCP tool connections now run through a dedicated proxy that sits between your agent and your connected tools. The main reason we built this: your agent no longer has access to the actual secrets used by your MCP servers.

How it works

When you connect a tool like GitHub, PostgreSQL, or Sentry, the real credentials are stored in the proxy, not in the agent's container. The agent only sees placeholder tokens in its MCP configuration. When it makes a tool call, the proxy swaps in the real credentials, forwards the request, and returns the result.

Your agent gets full use of all connected tools without ever seeing the actual API keys, tokens, or passwords.

Why this matters

AI agents are powerful, but giving them direct access to production credentials is a risk. With the MCP proxy, you get a clean separation - the agent can query your database or create a GitHub PR, but it can't extract the credentials and use them for something you didn't intend.

If you already have tools connected, they'll automatically use the proxy on next deploy.