Auth gate
/mcp requires Authorization: Bearer <token>. GET returns 405 because the endpoint only accepts JSON-RPC POST.
MCP security
The router rejects unauthenticated /mcp calls, uses a one-time token claim after payment, and stores safe usage summaries instead of raw secrets.
Tools are classified as allow, ask, or block before the agent receives the selected schema set.
Usage is logged by server, tool, user, and plan with token summaries and denied-call counts.
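The gate, tool classification and denied-call counting described above, written out as an added Python example (not the router's own code). The 401 and 403 statuses, the method-before-token check order, the hashed token store, hiding blocked tools from the schema set, and every name and sample value are assumptions.

```python
import hashlib
import hmac
from collections import Counter

# Constructed sample data: only token digests are stored, never the raw token.
TOKEN_DIGESTS = {hashlib.sha256(b"demo-token-123").hexdigest(): ("alice", "pro")}
TOOL_POLICY = {"search_docs": "allow", "send_email": "ask", "delete_repo": "block"}
usage = Counter()  # keyed by (server, tool, user, plan, outcome)


def authenticate(method, headers):
    """Return (status, identity). Checking the method first is an assumption."""
    if method != "POST":
        return 405, None  # endpoint only accepts JSON-RPC POST
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return 401, None
    digest = hashlib.sha256(token.encode()).hexdigest()
    for known, identity in TOKEN_DIGESTS.items():
        if hmac.compare_digest(digest, known):  # constant-time comparison
            return 200, identity
    return 401, None


def visible_tools():
    """Schema set offered to the agent; blocked tools are removed (assumption)."""
    return {name: verdict for name, verdict in TOOL_POLICY.items() if verdict != "block"}


def call_tool(method, headers, server, tool, approved=False):
    """Gate one call and record a usage summary, including denied calls."""
    status, identity = authenticate(method, headers)
    if status != 200:
        usage[(server, tool, "anonymous", "none", "denied")] += 1
        return status
    user, plan = identity
    verdict = TOOL_POLICY.get(tool, "block")  # unclassified tools default to block
    allowed = verdict == "allow" or (verdict == "ask" and approved)
    usage[(server, tool, user, plan, "ok" if allowed else "denied")] += 1
    return 200 if allowed else 403
```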