EU AI Act compliance for MCP agents.
Pylae is a transparent proxy between your AI agents and MCP servers. It intercepts every tool call, enforces policies, and evaluates your infrastructure against 7 EU AI Act articles, generating the compliance evidence auditors will ask for.
AI agents are in production. Governance isn't keeping up.
Source: Gravitee State of AI Agent Security 2026 (N=919)
And now the EU AI Act makes governance mandatory.
High-risk AI systems must meet Articles 9-15 by August 2, 2026. Non-compliance carries fines up to €15 million or 3 % of annual turnover. If your agents score credit, screen candidates, price insurance, or classify emergency calls, they fall under Annex III. Pylae evaluates your MCP infrastructure against all 7 articles and generates the compliance evidence auditors expect.
| Article | Requirement | What Pylae evaluates |
|---|---|---|
| Art. 9 | Risk Management System | Active policies with risk-differentiated actions (block, escalate, rate_limit) |
| Art. 10 | Data and Data Governance | GDPR erasure capability, data retention configuration |
| Art. 11 | Technical Documentation | Agent Behavioral Contracts, policy versioning, system configuration |
| Art. 12 | Record-keeping | SHA-256 audit chain coverage, hash integrity, log retention period |
| Art. 13 | Transparency and Provision of Information | Decision source tracing, policy evaluation logging per action |
| Art. 14 | Human Oversight | Escalation policies, kill switch availability, dashboard authentication |
| Art. 15 | Accuracy, Robustness, Cybersecurity | Circuit breaker, description firewall, tool pinning, adaptive posture |
Output: per-article compliance status, evidence list, gap analysis, numeric score, and overall readiness badge. Available via API and dashboard.
How Pylae works
Intercept
Pylae sits between your agents and their MCP servers. Every tool call passes through the proxy. Zero agent modification.
Evaluate
Policies define what's allowed. Block, escalate, rate-limit, or transform any action. YAML rules with glob matching.
Protect
8 security subsystems run on every request: firewall, tool pinning, circuit breaker, blast radius, adaptive posture, and more.
Comply
Every action is logged to a tamper-evident SHA-256 chain. Pylae evaluates your setup against 7 EU AI Act articles automatically.
What a policy looks like
```yaml
name: block-destructive-operations
action: block
priority: 100
match_rules:
  method: tools/call
  tool_name: "delete_*"  # glob pattern
```
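How a policy of this shape can be evaluated against an MCP `tools/call` request, as an added example that is not Pylae's own code. It assumes the highest `priority` number wins and that globs are case-sensitive; the second and third policies and the helper names are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Constructed policies; field names follow the policy shown above.
POLICIES = [
    {"name": "block-destructive-operations", "action": "block", "priority": 100,
     "match_rules": {"method": "tools/call", "tool_name": "delete_*"}},
    {"name": "escalate-payments", "action": "escalate", "priority": 50,
     "match_rules": {"method": "tools/call", "tool_name": "*_payment"}},
    {"name": "log-tool-calls", "action": "log-only", "priority": 1,
     "match_rules": {"method": "tools/call", "tool_name": "*"}},
]

def fields_of(message):
    """Flatten an MCP JSON-RPC message into the fields policies match on."""
    params = message.get("params") or {}
    return {"method": message.get("method"), "tool_name": params.get("name")}

def matches(policy, fields):
    """All match_rules must glob-match; a missing field never matches."""
    return all(
        isinstance(fields.get(key), str) and fnmatchcase(fields[key], pattern)
        for key, pattern in policy["match_rules"].items()
    )

def evaluate(message, policies=POLICIES, default="allow"):
    """Return (action, policy name) of the highest-priority match."""
    fields = fields_of(message)
    hits = [p for p in policies if matches(p, fields)]
    if not hits:
        return default, None  # the page states the proxy defaults to allow
    winner = max(hits, key=lambda p: p["priority"])  # assumption: higher wins
    return winner["action"], winner["name"]

def call(tool):
    """Constructed tools/call request for the given tool name."""
    return {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
            "params": {"name": tool, "arguments": {}}}
```

With case-sensitive globs, `Delete_user` does not match `delete_*` and falls through to the catch-all rule, so a deny-list of name patterns is worth pairing with an explicit low-priority rule rather than relying on the default.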
Who uses Pylae
Works with any MCP-compatible agent. No agent modification needed.
Engineering teams
Drop-in proxy, no SDK, no agent modifications. Block delete_* and drop_* calls. Rate-limit per agent. Route to multiple MCP servers. YAML policies with hot-reload.
Compliance officers & DPOs
Automated EU AI Act readiness assessment across 7 articles. Compliance reports with evidence and gap analysis. GDPR erasure with PDF certificate. Insurability reports for cyber insurance.
CISOs & security teams
8 runtime security subsystems. Tamper-evident SHA-256 audit chain. Adaptive posture escalation. Incident replay with forensic export. Health score across 6 dimensions. Self-hosted. Your data never leaves your infrastructure.
Built for governance, not just monitoring
Compliance & Insurability (Pro)
EU AI Act readiness assessment across 7 articles with per-article scoring and gap analysis. Insurability reports (9 sections, SHA-256 sealed) for cyber insurance underwriting. GDPR erasure with PDF certificate. Forensic export.
8 Runtime Security Subsystems
Description firewall (30+ patterns). Tool pinning with hash tamper detection. PII sanitization. Blast radius scoring per session. Circuit breaker for agent loops. Adaptive posture (NORMAL→CRITICAL). Auto-remediation. Cross-server data flow control.
Agent Behavioral Contracts
Declarative YAML contracts defining what each agent can and cannot do. Forbidden tools, cost ceilings, escalation rules. Append-only versioning with side-by-side diff viewer and one-click restore.
Tamper-Evident Audit Trail
SHA-256 hash chain with Merkle block integrity. Every action cryptographically chained to the previous one. Chain verification, gap detection, and coverage percentage. CSV export.
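A minimal SHA-256 hash chain with verification and gap detection, as an added example that is not Pylae's own code. The record layout, the all-zero genesis value and the function names are assumptions made for illustration, and the Merkle block layer is left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed value of "previous hash" for the first entry

def link_hash(prev_hash, seq, record):
    """SHA-256 over the previous hash, sequence number and canonical JSON."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(f"{prev_hash}|{seq}|{body}".encode()).hexdigest()

def append(chain, record):
    """Append a record, chaining it to the last entry's hash."""
    prev = chain[-1]["hash"] if chain else GENESIS
    seq = chain[-1]["seq"] + 1 if chain else 0
    chain.append({"seq": seq, "record": record, "prev": prev,
                  "hash": link_hash(prev, seq, record)})

def verify(chain):
    """Return (seq, problem) findings; an empty list means the chain is intact."""
    findings = []
    prev_hash, expected_seq = GENESIS, 0
    for entry in chain:
        if entry["seq"] != expected_seq:
            findings.append((entry["seq"], "gap"))          # entries missing
        if entry["prev"] != prev_hash:
            findings.append((entry["seq"], "broken-link"))  # chain was cut
        if link_hash(entry["prev"], entry["seq"], entry["record"]) != entry["hash"]:
            findings.append((entry["seq"], "hash-mismatch"))  # record edited
        prev_hash, expected_seq = entry["hash"], entry["seq"] + 1
    return findings

def build_sample():
    """Constructed audit log of four proxied tool calls."""
    chain = []
    for tool, decision in [("read_file", "allow"), ("delete_user", "block"),
                           ("send_payment", "escalate"), ("list_users", "allow")]:
        append(chain, {"agent": "agent-a", "tool": tool, "decision": decision})
    return chain
```

A chain that is recomputed end to end still verifies on its own, so the latest hash has to be recorded somewhere the log writer cannot modify for the trail to be tamper-evident.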
Policy Engine
YAML policies with glob matching. Six action types: allow, block, escalate, rate-limit, log-only, transform. Hot-reload without restart. Append-only versioning with diff viewer.
Human-in-the-Loop
Escalate risky operations for human approval. Configurable timeout with secure token verification. Kill switch for all traffic, per-agent, or per-server. Works even if the DB is down.
Incident Replay & Forensics (Pro)
Full-screen timeline reconstruction of security events with context, chain verification, and policy evaluation trace. Natural language incident narratives. Forensic export with SHA-256 seal.
Cost Ceiling & Policy Simulation (Pro)
Per-agent budget limits (hourly/daily/monthly) with pre-ceiling alerts at 80%, 90%, 95%. Test policies against historical actions before deploying to see exactly what would change.
Real-Time Dashboard
10 pages: overview, actions, agents, policies, contracts, escalations, security, tool pins, compliance, settings. Health score across 6 dimensions. WebSocket live streaming. Actionable recommendations.
Multi-Server Proxy
Connect unlimited MCP servers through a single endpoint. Stdio and Streamable HTTP transports. Aggregated tool lists with transparent routing. CVE feed for known server vulnerabilities.
Notifications & Alerts (Pro)
In-dashboard notifications for security events. Webhook callbacks, Slack messages, and email alerts for escalations, security events, and policy violations.
Zero Config Install
Single Rust binary with embedded dashboard. No runtime dependencies, no containers required. Auto-registers agents, hot-reloads policies, defaults to allow. Self-hosted by design.
What no other MCP tool does
7 EU AI Act Articles
Automated compliance evaluation with evidence, gaps, and per-article scoring. No other MCP governance tool offers this today.
Insurability Reports
9-section governance posture report with SHA-256 cryptographic seal. Built for cyber insurance underwriting.
Agent Contracts
Declarative YAML defining per-agent authorization boundaries. Policy ∩ contract = most restrictive wins. Versioned with diff viewer.
Self-Hosted by Design
Your audit trails and compliance evidence never leave your infrastructure. Single binary, no cloud dependency. Data sovereignty built in.
See it in action
The dashboard ships embedded in the binary. One process, one port.
Real-time overview with activity chart and decision breakdown.
Running in 60 seconds
Single binary, no runtime dependencies. The dashboard is built in. One process, one port, zero config to get started.
Simple, honest pricing
Self-hosted is always free. Runtime security included. No per-agent pricing, ever.
- ✓ Full MCP proxy with all 6 policy actions
- ✓ 8 runtime security subsystems
- ✓ Unlimited agents, servers & policies
- ✓ Agent Behavioral Contracts (ABCs)
- ✓ Kill switch & cost ceiling
- ✓ Real-time dashboard (10 pages)
- ✓ Human-in-the-loop escalations
- ✓ 30-day action retention
- ✓ Everything in Free
- ✓ EU AI Act compliance engine (7 articles)
- ✓ Compliance & insurability reports
- ✓ GDPR erasure with PDF certificate
- ✓ Policy simulation / what-if
- ✓ Policy & contract version history
- ✓ Incident replay & narrative
- ✓ Forensic export (SHA-256 sealed)
- ✓ 180-day action retention
- ✓ Webhooks, Slack & email alerts
€99/mo to prove compliance. EU AI Act fines reach €15 million or 3 % of annual turnover.
Need multi-user or managed hosting? Contact us