// GLOSSARY -- POLICY ENFORCEMENT

What is Intercept (PolicyLayer)?

2 min read Updated

Intercept is an open-source Go binary (Apache 2.0) that acts as a transparent MCP proxy, sitting between MCP clients and MCP servers to enforce YAML-defined policies on every tool call without requiring code changes.

WHY IT MATTERS

AI agents are increasingly powerful, but that power comes with risk. When an agent can call arbitrary MCP tools — creating Stripe charges, pushing to GitHub, modifying databases — there is no built-in mechanism to enforce boundaries. The MCP specification itself is deliberately unopinionated about authorisation, leaving a critical gap between what an agent can do and what it should do.

Intercept fills this gap. By sitting transparently between the MCP client (Claude Desktop, Cursor, or any MCP-compatible application) and the MCP servers it connects to, Intercept evaluates every tool call against a set of YAML policy files before the call reaches the server. No code changes, no SDK integration, no modifications to your existing MCP servers — you simply point your client at Intercept instead of directly at the server.

This architecture mirrors battle-tested patterns from network security (reverse proxies, firewalls) and infrastructure (service meshes, API gateways). Rather than embedding policy logic into every agent or server, you centralise it in a single enforcement point that is auditable, version-controlled, and trivially reproducible across environments.

Because Intercept is a standalone binary with zero runtime dependencies, deployment is straightforward: download, configure your policies, and update your MCP client config. The entire policy layer is defined in plain YAML, making it accessible to security teams, compliance officers, and developers alike.

HOW POLICYLAYER USES THIS

Intercept is PolicyLayer's core open-source product. It ships as a single Go binary that runs locally or on a server, proxying MCP traffic and enforcing policies defined in YAML files. Every tool call passes through Intercept's policy evaluation pipeline — matching server, matching tool, evaluating argument conditions, and applying the resulting action (allow, deny, or log). Intercept supports policy hot-reload, structured audit logging, and both fail-closed and fail-open modes. The source is available on GitHub under Apache 2.0.

FREQUENTLY ASKED QUESTIONS

Do I need to modify my MCP servers to use Intercept?
No. Intercept is a transparent proxy — it sits between your MCP client and your existing MCP servers. You only change the client configuration to point at Intercept instead of directly at the server. No server-side code changes are needed.
What MCP clients does Intercept support?
Intercept works with any MCP-compatible client, including Claude Desktop, Cursor, Windsurf, and custom clients built with the MCP SDK. Because it speaks the standard MCP protocol, client compatibility is automatic.
Is Intercept suitable for production use?
Yes. Intercept is designed for production with fail-closed defaults, structured audit logging, policy hot-reload for zero-downtime updates, and minimal resource overhead as a compiled Go binary.

FURTHER READING

Enforce policies on every tool call

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.