Truvant Documentation
Policy enforcement for AI agent actions. Control what your AI agents can do — before, during, and after every action they take.
Why Truvant?
AI agents can take actions and access resources far beyond what's needed for the task at hand. Truvant addresses this with command-level and tool-call-level enforcement — every shell command and every MCP tool invocation is checked against your policy before it executes.
Quick Start
Four steps to get Truvant protecting your AI agents. See the Getting Started guide for the full walkthrough.
1
Install
curl -fsSL https://truvant.ai/install.sh | shInstalls mcpctl to ~/.local/bin. Linux and macOS, amd64 and arm64.
2
Scan
mcpctl scanDiscovers all MCP servers in your Claude Code, Claude Desktop, and project configs. Checks for CVEs, hardcoded secrets, risky tool schemas, and supply-chain issues.
3
Authenticate
mcpctl loginSign in with Google or Microsoft to unlock trust scoring, policy enforcement, and the dashboard. Free 30-day trial.
4
Enforce
mcpctl installInstalls the enforcement agent as a background service. Policies sync from the Trust Dashboard and apply immediately.
Documentation
Agent Enforcement
- Trust Dashboard — Web UI for managing your organization's MCP server inventory, trust scores, and enforcement posture. View active agents, review blocked commands, and configure alert thresholds.
- Policy Management — Define and deploy command-level and tool-call-level policies. Block specific shell commands, restrict MCP tool invocations to approved servers, and set per-agent trust thresholds.
- Monitoring & Audit — Continuous posture monitoring with real-time alerts. Full audit log of every agent action, policy decision, and configuration change. Export to SIEM or review in the dashboard.
Scanning
- Scanning & Analysis — Deep security analysis for MCP servers, npm packages, git repositories, and container images. Covers CVE detection, secrets scanning, static analysis, SBOM generation, and tool schema inspection.
Reference
-
CLI Reference —
Complete command reference for
mcpctl. Every subcommand, flag, and environment variable documented with examples. - Integration — Connect Truvant to your existing toolchain. Covers CI/CD pipeline integration, SIEM forwarding, identity provider setup (Okta, Entra ID, Google Workspace), and webhook configuration.
- Troubleshooting — Common issues and how to resolve them. Covers installation problems, authentication failures, policy not applying, agent connectivity issues, and how to collect a diagnostic bundle.