For AI-Powered Teams

Your AI Agents Are Installing Dependencies. Do You Know Which Ones?

AI coding assistants don't just write code — they install packages. Without a firewall that understands agent-level provenance, those installs happen outside your security policies. Hextrap is the only package firewall built natively for the agentic AI era.

OWASP LLM Top 10 — LLM03:2025

Supply Chain Vulnerabilities now ranks in the top 3 LLM security risks. AI agents that autonomously install packages represent an attack surface that traditional package security tools — built before agents existed — cannot address.


Traditional firewalls can't see agents.

Conventional package firewalls sit at the infrastructure layer. They know a package was requested — but they have no concept of who requested it. Was it a developer? A CI runner? An AI agent operating autonomously at 2am?

This matters because agents can install packages without developer review, based on instructions that may be malicious (prompt injection), ambiguous, or simply untested. A credential-harvesting package installed by your AI assistant looks identical to a legitimate install at the infrastructure layer.

In early 2026, compromised agent credentials were used to harvest data from 47 enterprise deployments for six months before detection. The vector: AI agents with unrestricted package installation capabilities.

Without Hextrap MCP
  • Agents install packages autonomously
  • No distinction between human and agent installs
  • Policy applies to CI/dev but not AI agents
  • No audit trail of what the agent installed
  • Prompt injection can bypass package restrictions
With Hextrap MCP
  • Every agent install passes through your firewall
  • Agent identity logged alongside every request
  • Same allow/deny policies apply to AI and humans
  • Full audit log: agent → package → policy result
  • Agents can only install what your policy permits

How the MCP integration works

Hextrap exposes a Model Context Protocol server. Your AI assistant connects to it and uses it as a tool when it needs to install packages.

Developer asks AI assistant

"Install the latest version of httpx and add it to requirements.txt"

AI agent calls Hextrap MCP tool

The agent invokes hextrap_check_package before installing.

Hextrap evaluates the request

Checks typosquats, soak time, allow/deny lists, and threat intelligence.

Approved or blocked — with reason

Agent proceeds only if cleared. Result logged with agent identity and timestamp.
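As an added illustration, not Hextrap's own code (the page does not show its implementation), here is a constructed Python sketch of the evaluation steps above: deny list, typosquat check, soak time, and a decision that carries the agent identity and timestamp. The tool name hextrap_check_package comes from the page; the package lists, the 0.85 similarity threshold and the seven-day soak window are assumptions, and the sample requests mirror the activity log entries shown further down.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from difflib import SequenceMatcher

# Constructed policy inputs (assumptions, not Hextrap's real configuration): well-known
# names used as typosquat reference points, a deny list, and a minimum release age.
KNOWN_PACKAGES = {"requests", "httpx", "aiohttp", "pydantic", "numpy"}
DENY_LIST = {"evil-helper"}
MIN_SOAK = timedelta(days=7)

@dataclass
class Decision:
    result: str     # "allowed", "blocked" or "quarantined"
    reason: str
    agent: str      # identity of the requesting agent, kept with every decision
    package: str
    version: str
    at: datetime

def hextrap_check_package(agent, package, version, published, now) -> Decision:
    """Evaluate one install request: deny list, typosquat check, then soak time."""
    if package in DENY_LIST:
        return Decision("blocked", "package is on the deny list", agent, package, version, now)
    if package not in KNOWN_PACKAGES:
        # A name that closely resembles a well-known package but is not it is treated
        # as a probable typosquat (e.g. "reaquests" vs "requests").
        for known in KNOWN_PACKAGES:
            if SequenceMatcher(None, package, known).ratio() >= 0.85:
                return Decision("blocked", f"possible typosquat of '{known}'",
                                agent, package, version, now)
    age = now - published
    if age < MIN_SOAK:
        return Decision("quarantined", f"released {age.days}d ago, soak time is {MIN_SOAK.days}d",
                        agent, package, version, now)
    return Decision("allowed", "passed all policy checks", agent, package, version, now)

def audit_line(d: Decision) -> str:
    """One audit-log entry: agent -> package -> policy result, with timestamp and reason."""
    return f"{d.at.isoformat()} AI {d.agent} {d.package} {d.version} {d.result.upper()} ({d.reason})"

def run_sample() -> list:
    """Constructed requests mirroring the activity log on this page; returns the decisions."""
    now = datetime(2026, 3, 1, 9, 0, tzinfo=timezone.utc)
    reqs = [("claude-code", "httpx", "0.27.2", now - timedelta(days=40)),
            ("claude-code", "reaquests", "2.31.0", now - timedelta(days=400)),
            ("copilot", "aiohttp", "3.11.12", now - timedelta(days=2)),
            ("claude-code", "evil-helper", "1.0.0", now - timedelta(days=90))]
    return [hextrap_check_package(a, p, v, pub, now) for a, p, v, pub in reqs]
```

Calling run_sample() yields allowed, blocked (typosquat), quarantined (too new) and blocked (deny list) in that order; audit_line() renders each decision as one log entry.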

Full visibility into what your AI is doing.

Every package install by an AI agent is logged separately from developer and CI installs. You can see exactly what your AI assistant has installed, when, and whether it passed your policies.

  • Agent identity captured per request
  • Package, version, and registry logged
  • Policy result (allowed/blocked/quarantined) and reason
  • Timestamp and session context
  • Filterable by actor type: developer, CI, AI agent

This isn't just useful for security — it's the audit trail your compliance team will ask for when AI governance frameworks start requiring documentation of autonomous system behavior.

Activity Log (AI agent filter), sample entries:

  Actor  Agent        Package    Version  Result      When
  AI     claude-code  httpx      0.27.2   ALLOWED     3m ago
  AI     claude-code  reaquests  2.31.0   BLOCKED     3m ago
  AI     copilot      aiohttp    3.11.12  QUARANTINE  17m ago
  AI     claude-code  pydantic   2.10.3   ALLOWED     41m ago

Works with the tools your team already uses.

Any AI coding assistant that supports Model Context Protocol can connect to Hextrap.

  • Claude Code: Supported
  • GitHub Copilot: Supported
  • Cursor: Supported
  • Windsurf: Supported
  • Any MCP Client: via the MCP protocol

Govern your AI agents before your security team asks you to.

Five minutes to set up. Zero workflow changes for your developers.