AI Agent Security Platform

See every move your AI agents make.

OrcaTrac intercepts every MCP tool call before it executes — blocking dangerous actions in real time and giving your team complete visibility into what your agents are doing.


OrcaTrac — Live Dashboard

TOOL             AGENT        RISK    DECISION
delete_database  claude-prod  HIGH    BLOCK
read_config      claude-prod  LOW     ALLOW
send_email       gpt-agent    MEDIUM  WARN
drop_table       claude-prod  HIGH    BLOCK
list_files       claude-prod  LOW     ALLOW

Protecting agents running on

Claude · GPT-4 · Gemini · Llama 3 · Mistral · Any MCP server
The problem

Your AI agents have the keys to your kingdom.

One hallucination. One prompt injection. One bad day — and an agent can cause irreversible damage without a single human approving it.

delete_database   HIGH     Wipes production DB
push_code         HIGH     Ships a backdoor
send_email        MEDIUM   Spams your customers
How it works

Up and running in 3 commands

01

Install the CLI

One command adds OrcaTrac to your machine.

$ npm install -g @orcatrac/cli
02

Inject into Claude Desktop

OrcaTrac patches your MCP config to proxy every server through the interceptor.

$ orcatrac init && orcatrac inject
03

Monitor the dashboard

Every tool call appears live. Blocked threats highlighted instantly.

$ open https://orcatrac.com/dashboard
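What step 02 amounts to mechanically is a rewrite of the MCP client's config so each stdio server is launched through the interceptor instead of directly. The following is an added example of that rewrite for Claude Desktop's claude_desktop_config.json layout; it is not the OrcaTrac CLI's own code. The interceptor executable name orcatrac-proxy and the "-- <original command>" argument convention are assumptions, and the sample config (including the token value) is constructed.

```python
"""Illustration of the 'inject' step: rewrite a claude_desktop_config.json so
every stdio MCP server in it is launched through an interceptor instead of
directly. Added example, not the OrcaTrac CLI's own code; the executable name
'orcatrac-proxy' and the '-- <original command>' convention are assumptions."""
import copy
import json

PROXY_CMD = "orcatrac-proxy"  # assumed name of the interceptor binary


def wrap_server(entry, proxy_cmd=PROXY_CMD):
    """Return a copy of one mcpServers entry that launches proxy_cmd and hands
    it the original command line after '--'. Idempotent: an entry that already
    launches the proxy is returned as-is, so re-running inject never double-wraps."""
    if entry.get("command") == proxy_cmd:
        return copy.deepcopy(entry)
    wrapped = copy.deepcopy(entry)
    wrapped["command"] = proxy_cmd
    wrapped["args"] = ["--", entry["command"], *entry.get("args", [])]
    # 'env' (API tokens etc.) is kept untouched: the proxy inherits it and the
    # real server, spawned by the proxy, still sees it.
    return wrapped


def wrap_config(config, proxy_cmd=PROXY_CMD):
    """Wrap every entry in the 'mcpServers' map of a Claude Desktop config."""
    out = copy.deepcopy(config)
    servers = out.setdefault("mcpServers", {})
    for name, entry in list(servers.items()):
        servers[name] = wrap_server(entry, proxy_cmd)
    return out


# Constructed sample in Claude Desktop's real config layout (not a real token).
SAMPLE_CONFIG = {
    "mcpServers": {
        "filesystem": {
            "command": "npx",
            "args": ["-y", "@modelcontextprotocol/server-filesystem", "/home/me/proj"],
        },
        "github": {
            "command": "npx",
            "args": ["-y", "@modelcontextprotocol/server-github"],
            "env": {"GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_example"},
        },
    }
}

if __name__ == "__main__":
    # Print the patched config; a real inject would write it back to the
    # config file path after backing up the original.
    print(json.dumps(wrap_config(SAMPLE_CONFIG), indent=2))
```

Two properties worth checking in any injector of this kind: it must be idempotent (running it twice must not wrap the proxy in itself), and it must leave the server's env block alone, because that is where API tokens live and a server launched without them fails in ways that look like the proxy's fault.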
Features

Everything you need to secure your agents

Real-time interception

Every MCP tool call passes through OrcaTrac before it executes. HIGH-risk actions are blocked in milliseconds — before any damage is done.

Automatic risk classification

Tools are classified LOW, MEDIUM, or HIGH by matching their names against blast-radius patterns (delete_*, write_*, read_*, and so on). No manual labelling required; it works out of the box for every MCP server.

Flexible policy modes

Allow everything and log it. Warn on risky actions. Block dangerous ones outright. Switch modes instantly from the dashboard — no redeployment.

Complete audit trail

Every call logged with tool name, arguments, risk level, decision, and timestamp. Export for compliance, incident response, or security forensics.

Custom rules

Override defaults for any tool name. Pin specific calls to ALLOW, WARN, or BLOCK regardless of auto-classification; this is also how you cover a tool whose name does not reveal what it does. Managed from the dashboard.

Any MCP server

OrcaTrac is a stdio proxy. If it speaks JSON-RPC over stdio, OrcaTrac wraps it — no SDK changes, no code modifications, no vendor lock-in.

Risk classification

Automatic — zero config

Every tool call is classified the moment it arrives, by matching the tool name against the patterns below. No rules to write.

Level   Tool patterns                               Default action
HIGH    delete_* · drop_* · destroy_* · push_code   BLOCK (in warn mode)
MEDIUM  write_* · update_* · send_* · share_*       WARN (in warn mode)
LOW     read_* · list_* · get_* · query_*           ALLOW (in every mode)

Override any rule with custom policies in the dashboard.
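To make the pieces above concrete (real-time interception, the pattern table, policy modes, custom overrides, the audit trail, and the stdio JSON-RPC proxy model), here is an added example of a minimal interceptor written for this page. It is not OrcaTrac's implementation. What it takes from the page: the three levels and their patterns, the warn-mode decisions, and the audit fields (tool, arguments, risk, decision, timestamp). What it assumes: tool names matching no pattern are treated as MEDIUM; a "block" mode that also blocks MEDIUM exists (the page does not define one); a blocked call is answered with an MCP tool-level error result (isError) rather than a JSON-RPC protocol error; WARN is reported on stderr and the call still goes through; and the audit file name. The JSON-RPC messages in the dry run are constructed.

```python
"""Minimal stdio MCP interceptor, added as an example (not OrcaTrac's code).
It classifies each tools/call request by tool-name pattern, applies a policy
mode plus per-tool overrides, writes an audit record, and either forwards the
request to the real server or answers it itself. Assumptions are marked."""
import fnmatch
import json
import subprocess
import sys
import time

# Default classification table from the page, matched against the tool name.
PATTERNS = {
    "HIGH": ["delete_*", "drop_*", "destroy_*", "push_code"],
    "MEDIUM": ["write_*", "update_*", "send_*", "share_*"],
    "LOW": ["read_*", "list_*", "get_*", "query_*"],
}
UNMATCHED_LEVEL = "MEDIUM"  # assumption: a name matching no pattern is not treated as safe

# Policy modes. "log" and "warn" follow the page; "block" is an assumption
# (MEDIUM is blocked too), the page does not define such a mode.
POLICY = {
    "log": {"HIGH": "ALLOW", "MEDIUM": "ALLOW", "LOW": "ALLOW"},
    "warn": {"HIGH": "BLOCK", "MEDIUM": "WARN", "LOW": "ALLOW"},
    "block": {"HIGH": "BLOCK", "MEDIUM": "BLOCK", "LOW": "ALLOW"},
}


def classify(tool):
    """Risk level for a tool name; the first matching level in PATTERNS wins."""
    for level, pats in PATTERNS.items():
        if any(fnmatch.fnmatchcase(tool, p) for p in pats):
            return level
    return UNMATCHED_LEVEL


def decide(tool, mode="warn", overrides=None):
    """Return (risk level, decision). overrides maps a tool name to a pinned
    ALLOW/WARN/BLOCK that wins over the mode's default (the custom rules)."""
    level = classify(tool)
    return level, (overrides or {}).get(tool, POLICY[mode][level])


def handle_client_line(line, mode="warn", overrides=None):
    """Process one newline-delimited JSON-RPC message from the client.
    Returns (action, payload, audit_record): action is "forward" (send payload
    to the server unchanged) or "reply" (payload is our own response to the
    client); audit_record is None for anything that is not a tools/call."""
    try:
        msg = json.loads(line)
    except json.JSONDecodeError:
        return "forward", line, None  # malformed: let the server reject it
    if msg.get("method") != "tools/call":
        return "forward", line, None  # initialize, tools/list, notifications...
    params = msg.get("params") or {}
    tool = params.get("name", "")
    level, decision = decide(tool, mode, overrides)
    record = {"ts": time.time(), "tool": tool, "arguments": params.get("arguments", {}),
              "risk": level, "decision": decision, "id": msg.get("id")}
    if decision != "BLOCK":
        return "forward", line, record
    # Blocked: answer with a tool-level error (MCP's isError result) so the
    # agent sees why, rather than a protocol error that may end the session.
    reply = {"jsonrpc": "2.0", "id": msg.get("id"), "result": {"isError": True, "content": [
        {"type": "text", "text": f"Tool '{tool}' blocked by policy (risk {level})."}]}}
    return "reply", json.dumps(reply), record


def run_proxy(server_cmd, mode="warn", overrides=None, audit_path="mcp-audit.jsonl"):
    """Sit between the client (our stdin/stdout) and the real server (a child).
    The child inherits our stdout, so its responses reach the client directly;
    our own replies are whole lines written to the same stream."""
    child = subprocess.Popen(server_cmd, stdin=subprocess.PIPE, text=True, bufsize=1)
    with open(audit_path, "a") as audit:
        for raw in sys.stdin:
            action, payload, record = handle_client_line(raw.rstrip("\n"), mode, overrides)
            if record is not None:
                audit.write(json.dumps(record) + "\n")
                audit.flush()
                if record["decision"] == "WARN":
                    print(f"[warn] {record['tool']} (risk {record['risk']})", file=sys.stderr)
            if action == "reply":
                sys.stdout.write(payload + "\n")
                sys.stdout.flush()
            else:
                child.stdin.write(payload + "\n")
                child.stdin.flush()
    child.stdin.close()
    child.wait()


if __name__ == "__main__":
    argv = sys.argv[1:]
    if "--" in argv:  # e.g. python interceptor.py -- npx -y some-mcp-server
        run_proxy(argv[argv.index("--") + 1:])
    else:  # no server given: dry run over constructed messages
        for tool in ("read_config", "send_email", "delete_database"):
            req = {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
                   "params": {"name": tool, "arguments": {}}}
            action, _, rec = handle_client_line(json.dumps(req))
            print(tool, rec["risk"], rec["decision"], action)
```

Two design points a practitioner should keep in mind with any name-pattern classifier like this one. First, the decision is only as good as the name: a server may expose a destructive tool called list_cleanup, which is exactly the case the per-tool overrides exist for. Second, the choice of what to do with an unmatched name is a security decision, not a detail; defaulting it to LOW would silently allow every tool the pattern table has never heard of.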

Ready to secure your agents?

Join the waitlist and be first in when we open up access.