Glossary

MCP Gateway

A governance layer over every Model Context Protocol tool an agent can call.

category ▸ Distribution

audit/verify
#101hash ✓#102hash ✓#103hash ✓#104hash ✓#105hash ✓
head 0x9f3a…c1ok: true
verifyChain ▸ chained SHA-256 · signed receipts
What it means

MCP Gateway, in plain language.

The Model Context Protocol (MCP) is an open standard for connecting AI agents to external tools and data sources. An MCP gateway sits between agents and those tool servers, governing which servers and tools an agent may use and inspecting every call that passes through.

Without a gateway, every connected MCP server is an open door: any tool, any input, any output, unscreened. A gateway closes that by requiring approval to enable a server, allow-listing specific tools, screening calls for leakage and injection, and keeping a kill switch within reach.

In Cortex

How Cortex implements it.

This term isn't abstract here — it maps to a real capability in the runtime. Here is exactly how Cortex enforces or relates to it.

Distribution

Cortex's MCP Gateway requires servers to be approved before they can be invoked (block is an instant kill switch), assigns each a risk tier, and supports per-server tool allow-lists. A governed invoke runs a DLP scan on input — blocking high-injection content — and redacts PII from output.

Every governed invocation, allowed or blocked, is logged with redacted I/O, a reason, and latency — so the tool layer is as auditable as the rest of the runtime.

See MCP Gateway enforced, not just defined.

Book a walkthrough and watch the controls in this glossary return real verdicts, seal real evidence, and trace every fact back to its source.