Vaikora Gateway: Open-Source AI Runtime Control Engine

The Vaikora gateway is the open-source enforcement engine that sits in front of an AI agent and decides, in real time, whether the agent is allowed to do the thing it just proposed. It is MIT-licensed and self-hostable, with sub-500ms p95 decision latency.


Architecture

The gateway runs as a sidecar in front of LLM traffic, as an inline Python or Node.js SDK embedded in the application, or as a hosted endpoint via the Vaikora Control Plane. Every proposed action is evaluated against the policy engine, which returns a decision (ALLOW, ALLOW_LOG, CONSTRAIN, BLOCK) plus a receipt id. Decisions land in under 500ms at the p95.

Adapters

The gateway ships first-class adapters for OpenAI, Anthropic, Google Gemini, and OpenRouter at the LLM level, and for agent-to-agent (A2A) and Model Context Protocol (MCP) at the protocol level. The vaikora-guard-mcp server is registered in the Anthropic MCP registry and installable from PyPI.

Content modules

Six modules ship by default: PII detection, jailbreak detection, prompt injection detection, semantic risk classification, domain risk scoring, and email classification. Each module is independently configurable and replaceable; the engine composes their verdicts into a single policy decision.
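
One way a policy engine could compose independent module verdicts into a single decision plus receipt id, as an added example that is not Vaikora's code or API. The two module functions, the strictest-wins ordering of the four decisions, the fail-closed handling of module errors, and the hash-derived receipt id are all assumptions made for illustration.

```python
import hashlib
import json
import re
from enum import IntEnum

class Decision(IntEnum):
    # The page's four decisions; this severity ordering is an assumption.
    ALLOW = 0
    ALLOW_LOG = 1
    CONSTRAIN = 2
    BLOCK = 3

EMAIL = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

def pii_module(action):
    # Hypothetical detector: an SSN in outbound text is blocked; an e-mail
    # address is permitted only in constrained (redacted) form.
    text = action.get("text", "")
    if SSN.search(text):
        return Decision.BLOCK, "ssn in payload"
    if EMAIL.search(text):
        return Decision.CONSTRAIN, "email address in payload"
    return Decision.ALLOW, "no pii"

def domain_risk_module(action):
    # Hypothetical scorer: hosts off the (constructed) allowlist are logged.
    allowlist = {"api.internal.example"}
    host = action["host"]  # a malformed action raises and is failed closed
    if host in allowlist:
        return Decision.ALLOW, "known host"
    return Decision.ALLOW_LOG, "unlisted host " + host

def evaluate(action, modules):
    """Compose module verdicts: strictest wins, module errors fail closed."""
    verdicts = []
    for module in modules:
        try:
            decision, reason = module(action)
        except Exception as exc:
            decision, reason = Decision.BLOCK, "module error: " + type(exc).__name__
        verdicts.append({"module": module.__name__, "decision": decision.name, "reason": reason})
    # No verdicts at all (no modules configured) is treated as BLOCK.
    final = max((Decision[v["decision"]] for v in verdicts), default=Decision.BLOCK)
    # The receipt id binds the decision to the exact action and verdicts.
    record = json.dumps({"action": action, "verdicts": verdicts, "final": final.name}, sort_keys=True)
    return {"decision": final.name, "receipt_id": hashlib.sha256(record.encode()).hexdigest()[:16], "verdicts": verdicts}

MODULES = [pii_module, domain_risk_module]
```
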

License

The gateway and the MCP server are MIT-licensed. Source is on GitHub, and contributions are welcome. The production Control Plane is commercial.
