Skip to main content
Glama
Blekline

Blekline MCP Server

Official
by Blekline

The problem nobody wants to talk about

AI agents are eating the world. Cursor writes your code, Claude answers your support tickets, autonomous pipelines touch your databases, your APIs, your customers' data. The ecosystem is accelerating — MCP servers let agents pick up tools like apps pick up plugins — and that is genuinely exciting.

But here's the thing: your agents have no idea what they're not allowed to do. They'll happily pass an AWS key to a model context window. They'll call a tool with a customer's email as an argument. They'll execute a shell command that wasn't in the plan. Not out of malice — out of the fundamental nature of language models: they optimize for task completion, not for the organizational policies you haven't written yet.

This is the AI governance gap. And right now, there's nothing sitting between your agents and everything they can touch.

Related MCP server: sovr-mcp-proxy

Why this is becoming urgent

The EU AI Act isn't theoretical anymore. GPAI obligations have been enforceable since August 2025. Transparency and human oversight requirements land in August 2026. High-risk system conformity assessments follow. Fines reach up to €35 million or 7% of global turnover for the worst violations. And these rules aren't just about the models — they're about the systems you build with them: how you govern tool access, how you audit decisions, how you prove a human was in the loop.

Meanwhile, enterprises running AI at scale — sandboxed, parallelized, thousands of agent calls — have no native answer for: what happened in that session? Who authorized that tool call? Did any PII leave the context window?

The compliance question is catching up to the capability question. And most teams aren't ready.

What Blekline is

Blekline is an open-core MCP ingress control plane — infrastructure that sits between your agents and everything they can touch.

It does three things, in real time, before any LLM sees a prompt or any tool executes:

Mask — strip PII, secrets, and sensitive context from prompts before they hit model APIs (MCP Server docs)

Enforce — evaluate tool calls against policy; allow, flag, or block before execution

Audit — emit a structured, tamper-evident event trail for every agent interaction

You can run it locally in two minutes. You can deploy it as a sidecar alongside any L1 sandbox (Daytona, Modal, E2B, Cloudflare, Vercel Sandbox). You can plug it into Cursor, Claude Desktop, or Codex today — without changing your agent code.

This is the infrastructure that makes governed AI deployment real: not a checkbox, not a policy document, but a running system that enforces your intentions at the call level.


Start here

pnpm install && pnpm build:packages
export BLEKLINE_WORKSPACE_TOKEN="blw_..."
export BLEKLINE_API_URL="https://app.blekline.com"
export BLEKLINE_CLIENT_SURFACE="sdk"
pnpm demo:mcp-smoke

Headless guide: cli/README.md · CI template: ci/

Connect Blekline

Surface

Path

BLEKLINE_CLIENT_SURFACE

CLI / SDK

cli/

sdk

CI / CD

ci/

sdk

Claude Code

.claude/settings.json.example

claude-code

Cursor

.cursor/mcp.json.example

cursor

GitHub Copilot

.vscode/mcp.json.example

github-copilot

Continue

.vscode/continue.config.json.example

continue

Claude Desktop

config/claude_desktop_config.json.example

claude-desktop

Codex

.codex/config.toml.example

codex

Full index: integrations/README.md · Docs: app.blekline.com/docs

pnpm generate:mcp-configs          # *.example configs
pnpm verify:integrations           # manifest + schema checks

In any client: "Use blekline_mask_prompt on: Contact Jane at jane@acme.com — API key AKIAIOSFODNN7EXAMPLE"

Architecture

Blekline sits at Layer 4 — between L5 agents (Cursor, Claude, Codex) and L1 sandboxes (Daytona, Modal, Vercel Sandbox, Cloudflare, E2B) and model APIs.

L5 Agents → L4 Blekline (mask · enforce · audit) → L1 sandbox MCP / model APIs

AI Enablement Stack · Architecture · Trust boundaries · Latency SLO

Open core vs cloud

Capability

OSS (this repo)

Cloud (app.blekline.com)

MCP server / proxy

Yes

Yes

Local tool + secret enforce

Yes (@blekline/contracts)

Yes

Azure authoritative PII mask

Yes

Workspace fleet policy (SSE)

Yes

Investigations / billing

Yes

License: AGPL for proxy/server (self-host or buy cloud). Apache for contracts/SDK (embed in your agent stack).

Who this is for

Developers building with Cursor, Claude Desktop, or Codex who want their agents to stop leaking secrets and start respecting tool boundaries.

Platform teams deploying AI workloads in L1 sandboxes who need a governance layer that travels with the execution environment.

Enterprise architects preparing for EU AI Act compliance — specifically human oversight, audit trails, and tool call transparency requirements that become enforceable in August 2026.

Open source contributors who believe that the infrastructure for safe AI should be auditable, forkable, and owned by the community — not locked inside a vendor's cloud.

Packages

Package

Install

License

@blekline/mcp-server

npm i @blekline/mcp-server

AGPL-3.0

@blekline/mcp-proxy

npm i @blekline/mcp-proxy

AGPL-3.0

@blekline/client

npm i @blekline/client

Apache-2.0

@blekline/contracts

workspace / embed

Apache-2.0

ingress-proxy

Docker / Helm

AGPL-3.0

OpenAPI: packages/contracts/openapi.yaml

MCP tools

Tool

Purpose

blekline_mask_prompt

Redact PII / secrets before model context

blekline_classify_risk

Risk tier → allow / review / block

blekline_evaluate_tool_call

Policy on tool name + arguments

blekline_emit_event

Metadata audit trail

Proxy path: agent → Blekline → allow/mask/block → downstream MCP (Daytona, E2B, Modal, Cloudflare, Vercel Sandbox, custom).

Client libraries

TypeScript

npm install @blekline/client
import { BleklineClient } from "@blekline/client";

const blekline = new BleklineClient({
  workspaceToken: process.env.BLEKLINE_WORKSPACE_TOKEN!,
  metadata: { clientSurface: "sdk" },
});

await blekline.mask({ text: "alice@corp.com", platform: "MyAgent" });
await blekline.enforceToolCall({
  toolName: "run_shell",
  arguments: { cmd: "curl https://api.internal/deploy" },
});

Python

pip install blekline-client

Local-only (no API token)

import { enforceToolCallLocally, scanTextForSecrets } from "@blekline/contracts";

scanTextForSecrets("export AWS_KEY=AKIAIOSFODNN7EXAMPLE");
enforceToolCallLocally({
  toolName: "run_shell",
  arguments: { cmd: "export AWS_KEY=AKIAIOSFODNN7EXAMPLE" },
  requestId: "local-1",
});

Works with

Full integration guides on app.blekline.com/docs — not mirrored in this repo.

L5 agent clients

Client

Guide

Hub

Agent clients

Continue

Continue MCP

GitHub Copilot

Copilot MCP

OpenHands

OpenHands

Sourcegraph Cody

Cody

L2 model providers

Provider

Guide

Hub

Model providers

Azure OpenAI

Azure stack

AWS Bedrock

Bedrock stack

OpenRouter

OpenRouter stack

L2 frameworks & RAG

Integration

Guide

Hub

Frameworks & RAG

LangChain

LangChain stack

Pinecone

Pinecone stack

L3 eval & safety

Partner

Guide

Hub

Eval & safety

LangSmith

LangSmith stack

Guardrails

Guardrails stack

L1 sandboxes

Provider

Integration guide

All five

Sandbox providers hub

Daytona

Daytona stack

Modal

Modal stack

Vercel Sandbox

Vercel Sandbox stack

Cloudflare

Cloudflare stack

E2B

E2B stack

Deploy

Mode

Command / link

MCP (global)

npx -y @blekline/mcp-server

Edge sidecar

pnpm docker:ingressHelm

L1 sandboxes

Sandbox providers

Development

Client demos and smoke tests: demo/README.md.

git clone https://github.com/Blekline/blekline-oss.git && cd blekline-oss
pnpm install && pnpm build:packages && pnpm demo:mcp-smoke

Documentation

All docs: app.blekline.com/docs

Doc

Link

Quick start

introduction/quick-start

EU AI Act & compliance

introduction/eu-ai-act

AI Enablement Stack

introduction/ai-enablement-stack

MCP proxy

mcp/proxy

Cursor setup

mcp/cursor

Community & design partners

Questions or integration feedbackGitHub Discussions (Q&A, integration feedback).

Design partners — shipping agents in production and want help wiring Blekline into your stack (proxy or MCP server)?

Contributing

CONTRIBUTING.md · SECURITY.md · CHANGELOG.md

Private Blekline team: develop in the blekline monorepo, run pnpm sync:oss from the root repo.

License

Component

License

mcp-server, mcp-proxy, ingress-proxy

AGPL-3.0

contracts, client, client-python

Apache-2.0

Managed SaaS at app.blekline.com is not licensed under this repository.

A
license - permissive license
-
quality - not tested
A
maintenance

Maintenance

Maintainers
Response time
1wRelease cycle
5Releases (12mo)
Commit activity

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Blekline/blekline-oss'

If you have feedback or need assistance with the MCP directory API, please join our Discord server