Runs on your machine
Nothing to host, no account, no cloud. `npx knotrust --
KnoTrust puts you back in charge of what your AI agents can actually do — the safe actions run instantly, the risky ones wait for your approval, and every attempt is logged. Works with Claude, Codex, and any MCP agent. Nothing to host, no account.
Not on npm yet — build from source
knotrust isn't published to npm yet, so npx knotrust … won't resolve. Install from source — a few minutes, and you get the same knotrust command on your PATH. Then use knotrust … in place of npx knotrust … in the examples below.
# Point KnoTrust at Claude Desktop's existing MCP servers
npx knotrust init claude
# ...or wrap any MCP server directly, client-agnostic
npx knotrust -- node server.jsknotrust init finds your AI client's tool configuration, rewires each tool server to run behind knotrust --, and sets up a starting policy with suggested risk tiers based on what each tool says about itself. From there, every action your agent tries is decided by its risk tier: routine actions pass straight through, sensitive actions need a one-time approval (a "grant"), and critical actions stop and wait for you to say yes. See the installation & quickstart guide for the full walkthrough.
Read the full doctrine in Security & threat boundaries.