Loading...
Loading...
Agent Integrations
Drop OmegaEngine into any AI agent — in one line. Add the Model Context Protocol server to Claude Desktop, Cursor, Windsurf, and the rest, and your agent can govern, red-team, and cryptographically verify every action it takes — before it executes.
Proof, not promises. Every verdict is signed and offline-verifiable — your agent can check the proof itself, without trusting OmegaEngine.
check_actionDECIDE / GOVERNGovern an action before it runs → signed approved | denied | escalated + audit id.
POST /api/authorizescan_agentDEFENDRed-team an agent's prompt + tools against the attack corpus.
POST /api/redteam/agent-scanverify_proofPROVEVerify a signed decision offline, without trusting OmegaEngine.
POST /api/decision/verifyAdd to your MCP client config:
{
"mcpServers": {
"omega-engine": {
"command": "npx",
"args": ["-y", "@omegaengine/mcp"],
"env": {
"OMEGA_API_KEY": "your-omegaengine-api-key",
"OMEGA_BASE_URL": "https://omegaengine.ai"
}
}
}
}OMEGA_API_KEY — required for check_action (get a key). scan_agent (sample) and verify_proof work without it.OMEGA_BASE_URL — point at your self-hosted instance (http://localhost:3000) to keep everything on-prem. Defaults to the hosted API.Clients that support remote MCP servers can skip npx and connect straight to POST https://omegaengine.ai/api/mcp.
x-api-key header on every request. MCP OAuth is not available yet — API-key auth only. Unlike stdio, the remote endpoint requires the key for all tools.check_action, scan_agent, verify_proof — so configs are interchangeable.{
"mcpServers": {
"omega-engine": {
"url": "https://omegaengine.ai/api/mcp",
"headers": { "x-api-key": "your-omegaengine-api-key" }
}
}
}Smoke-test with curl:
curl -s https://omegaengine.ai/api/mcp \
-H 'content-type: application/json' -H "x-api-key: $OMEGA_API_KEY" \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'cd packages/omega-mcp
npm install && npm run build
node dist/index.js # speaks MCP over stdioThe MCP server is a thin, open-source client — no decision logic runs locally. The engine, the signed audit trail, and the cryptographic proofs live in OmegaEngine (hosted or self-hosted). The drop-in is free and spreads itself; the verifiable control plane is the product.