The MCP Governance Layer
AI agents are powerful, but one wrong action could be catastrophic. Preloop is an agentic automation platform with built-in human approval layer. AI agents automate routine work across your systems, and when they attempt risky actions (deployments, refunds, data changes), Preloop intercepts and routes them for approval via mobile, Slack, or Teams before execution. You can use Preloop for automation only, approval gates only, or both together depending on your needs.
Preloop's CLI discovers local agent configs for Claude Code, Codex CLI, Cursor, Gemini CLI, Hermes, OpenClaw, and other MCP-compatible runtimes, then transparently rewrites them to route through Preloop's MCP Firewall and Gateway in seconds—no SDK changes or agent code modifications required.
Preloop logs every action—tool call, model call, policy decision, approval, denial, outcome—with full context, timestamps, matched rule, and approver identity. Teams can drill from fleet view into individual runtime session timelines and use the same evidence for security reviews, incident analysis, and EU AI Act readiness.
Preloop's AI model gateway routes traffic through an OpenAI- and Anthropic-compatible gateway, enforcing per-account and per-flow budgets, attributing every token to the runtime that spent it, and providing visibility into model costs before they escalate.
Preloop sends instant notifications to approvers on mobile, watch, Slack, Mattermost, or email with full context when tool calls hit approval rules. Approvers can approve with one tap, and async mode allows long-running reviews to complete without blocking the agent's transport.
Preloop's MCP Firewall lets teams define allow, deny, require-approval, and require-justification rules for any MCP tool or built-in action using policy-as-code in YAML with CEL expressions. This prevents agents from executing unintended operations like deployments, database changes, or secret access without explicit governance.