The latest articles on DEV Community by AgentBouncr (@agentbouncr). https://dev.to/agentbouncr https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3792305%2F02d5af4e-b0f7-49cf-95c8-24d9ad3fa1c8.PNG https://dev.to/agentbouncr en AgentBouncr Wed, 25 Feb 2026 17:59:24 +0000 https://dev.to/agentbouncr/getting-started-with-agentbouncr-add-governance-to-your-ai-agent-in-5-minutes-3kkb https://dev.to/agentbouncr/getting-started-with-agentbouncr-add-governance-to-your-ai-agent-in-5-minutes-3kkb <h2> Getting Started with AgentBouncr: Add Governance to Your AI Agent in 5 Minutes </h2> <p>If you're building AI agents that call tools — reading databases, sending emails, approving payments, modifying files — you need governance. Not "eventually." Now.</p> <p>AgentBouncr is a governance layer that sits between your AI agent and its tools. It evaluates every tool call against a policy before execution, records every decision in a tamper-proof audit trail, and gives you a deterministic kill switch when things go wrong.</p> <p>This tutorial walks you through the full setup: install, policy, evaluation, persistence, audit verification, and framework integration. Everything runs locally. No accounts, no cloud dependencies.</p> <h2> Prerequisites </h2> <ul> <li>Node.js 18+</li> <li>npm or pnpm</li> <li>Any AI agent that calls tools (or follow along to see how it works)</li> </ul> <h2> Step 1: Install </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> @agentbouncr/core @agentbouncr/sqlite </code></pre> </div> <p>Two packages:</p> <ul> <li> <strong><code>@agentbouncr/core</code></strong> — The governance engine: policy evaluation, audit trail, kill switch, event system, injection detection.</li> <li> <strong><code>@agentbouncr/sqlite</code></strong> — SQLite persistence adapter so your audit trail survives restarts.</li> </ul> <h2> Step 2: Initialize with Persistence </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">GovernanceMiddleware</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@agentbouncr/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">SqliteDatabaseAdapter</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@agentbouncr/sqlite</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">pino</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">pino</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">db</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">SqliteDatabaseAdapter</span><span class="p">(</span> <span class="nf">pino</span><span class="p">({</span> <span class="na">level</span><span class="p">:</span> <span class="dl">'</span><span class="s1">info</span><span class="dl">'</span> <span class="p">}),</span> <span class="dl">'</span><span class="s1">./governance.db</span><span class="dl">'</span> <span class="p">);</span> <span class="k">await</span> <span class="nx">db</span><span class="p">.</span><span class="nf">runMigrations</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">governance</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">GovernanceMiddleware</span><span class="p">({</span> <span class="nx">db</span> <span class="p">});</span> </code></pre> </div> <p>This creates a SQLite database at <code>./governance.db</code> with all necessary tables. Migrations run automatically.</p> <h2> Step 3: Register an Agent </h2> <p>Every agent needs a registered identity with an explicit tool allowlist:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">await</span> <span class="nx">governance</span><span class="p">.</span><span class="nf">registerAgent</span><span class="p">({</span> <span class="na">agentId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">claims-agent</span><span class="dl">'</span><span class="p">,</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Claims Processor</span><span class="dl">'</span><span class="p">,</span> <span class="na">allowedTools</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">search_claims</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">approve_payment</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">send_email</span><span class="dl">'</span><span class="p">],</span> <span class="p">});</span> </code></pre> </div> <p>The agent can only use these three tools. Any attempt to call a tool not on the allowlist will be denied — even before the policy is evaluated.</p> <h2> Step 4: Define a Policy </h2> <p>Policies are declarative JSON. No custom code needed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">governance</span><span class="p">.</span><span class="nf">setPolicy</span><span class="p">({</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">claims-policy</span><span class="dl">'</span><span class="p">,</span> <span class="na">version</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1.0</span><span class="dl">'</span><span class="p">,</span> <span class="na">rules</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">approve_payment</span><span class="dl">'</span><span class="p">,</span> <span class="na">effect</span><span class="p">:</span> <span class="dl">'</span><span class="s1">deny</span><span class="dl">'</span><span class="p">,</span> <span class="na">condition</span><span class="p">:</span> <span class="p">{</span> <span class="na">amount</span><span class="p">:</span> <span class="p">{</span> <span class="na">gt</span><span class="p">:</span> <span class="mi">5000</span> <span class="p">}</span> <span class="p">},</span> <span class="na">reason</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Payments over 5000 require manual approval</span><span class="dl">'</span><span class="p">,</span> <span class="na">requireApproval</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">{</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">send_email</span><span class="dl">'</span><span class="p">,</span> <span class="na">effect</span><span class="p">:</span> <span class="dl">'</span><span class="s1">allow</span><span class="dl">'</span><span class="p">,</span> <span class="na">rateLimit</span><span class="p">:</span> <span class="p">{</span> <span class="na">maxPerMinute</span><span class="p">:</span> <span class="mi">10</span> <span class="p">}</span> <span class="p">},</span> <span class="p">{</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">file_write</span><span class="dl">'</span><span class="p">,</span> <span class="na">effect</span><span class="p">:</span> <span class="dl">'</span><span class="s1">deny</span><span class="dl">'</span><span class="p">,</span> <span class="na">condition</span><span class="p">:</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="p">{</span> <span class="na">startsWith</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/etc/</span><span class="dl">'</span> <span class="p">}</span> <span class="p">}</span> <span class="p">},</span> <span class="p">{</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">*</span><span class="dl">'</span><span class="p">,</span> <span class="na">effect</span><span class="p">:</span> <span class="dl">'</span><span class="s1">allow</span><span class="dl">'</span> <span class="p">}</span> <span class="p">],</span> <span class="na">createdAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">().</span><span class="nf">toISOString</span><span class="p">(),</span> <span class="na">updatedAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">().</span><span class="nf">toISOString</span><span class="p">(),</span> <span class="p">});</span> </code></pre> </div> <p>Let's break down what this policy does:</p> <ol> <li> <strong>Payments over $5,000</strong> → denied, requires human approval</li> <li> <strong>Email sending</strong> → allowed, but rate-limited to 10 per minute</li> <li> <strong>File writes to /etc/</strong> → denied (system directory protection)</li> <li> <strong>Everything else</strong> → allowed (default rule)</li> </ol> <p>Rules are evaluated top-to-bottom. The first matching rule wins. <strong>Deny-before-allow</strong> is the design principle: if a deny rule matches, it takes precedence regardless of order.</p> <h3> Condition Operators </h3> <p>AgentBouncr supports 11 condition operators:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Operator</th> <th>Example</th> <th>Meaning</th> </tr> </thead> <tbody> <tr> <td><code>equals</code></td> <td><code>{ status: { equals: "active" } }</code></td> <td>Exact match</td> </tr> <tr> <td><code>notEquals</code></td> <td><code>{ role: { notEquals: "admin" } }</code></td> <td>Not equal</td> </tr> <tr> <td><code>gt</code></td> <td><code>{ amount: { gt: 5000 } }</code></td> <td>Greater than</td> </tr> <tr> <td><code>lt</code></td> <td><code>{ amount: { lt: 100 } }</code></td> <td>Less than</td> </tr> <tr> <td><code>gte</code></td> <td><code>{ score: { gte: 0.8 } }</code></td> <td>Greater than or equal</td> </tr> <tr> <td><code>lte</code></td> <td><code>{ retries: { lte: 3 } }</code></td> <td>Less than or equal</td> </tr> <tr> <td><code>startsWith</code></td> <td><code>{ path: { startsWith: "/etc/" } }</code></td> <td>String prefix</td> </tr> <tr> <td><code>endsWith</code></td> <td><code>{ file: { endsWith: ".exe" } }</code></td> <td>String suffix</td> </tr> <tr> <td><code>contains</code></td> <td><code>{ query: { contains: "DROP TABLE" } }</code></td> <td>Substring match</td> </tr> <tr> <td><code>in</code></td> <td><code>{ env: { in: ["prod", "staging"] } }</code></td> <td>Value in set</td> </tr> <tr> <td><code>matches</code></td> <td><code>{ email: { matches: ".*@company\\.com" } }</code></td> <td>Regex match</td> </tr> </tbody> </table></div> <h2> Step 5: Evaluate Tool Calls </h2> <p>Now integrate the governance check into your agent's tool execution flow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Before executing any tool call, evaluate it</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">governance</span><span class="p">.</span><span class="nf">evaluate</span><span class="p">({</span> <span class="na">agentId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">claims-agent</span><span class="dl">'</span><span class="p">,</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">approve_payment</span><span class="dl">'</span><span class="p">,</span> <span class="na">params</span><span class="p">:</span> <span class="p">{</span> <span class="na">amount</span><span class="p">:</span> <span class="mi">12000</span><span class="p">,</span> <span class="na">claimId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">CLM-4821</span><span class="dl">'</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">allowed</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Proceed with tool execution</span> <span class="k">await</span> <span class="nf">executeToolCall</span><span class="p">(</span><span class="dl">'</span><span class="s1">approve_payment</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">amount</span><span class="p">:</span> <span class="mi">12000</span> <span class="p">});</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Denied: </span><span class="p">${</span><span class="nx">result</span><span class="p">.</span><span class="nx">reason</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="c1">// Handle denial — notify user, request approval, etc.</span> <span class="p">}</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">traceId</span><span class="p">);</span> <span class="c1">// "00-a1b2c3..." (W3C Trace Context)</span> </code></pre> </div> <p>Output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Denied: Payments over 5000 require manual approval </code></pre> </div> <p>The evaluation is deterministic — no LLM is involved in the permission decision. Pure logic. The same input always produces the same result.</p> <p><strong>Evaluation latency: under 5 milliseconds.</strong> The governance check adds negligible overhead to your agent's workflow.</p> <h3> A Few More Examples </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// This will be allowed (within policy)</span> <span class="kd">const</span> <span class="nx">r1</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">governance</span><span class="p">.</span><span class="nf">evaluate</span><span class="p">({</span> <span class="na">agentId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">claims-agent</span><span class="dl">'</span><span class="p">,</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">search_claims</span><span class="dl">'</span><span class="p">,</span> <span class="na">params</span><span class="p">:</span> <span class="p">{</span> <span class="na">customerId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">CUST-123</span><span class="dl">'</span> <span class="p">},</span> <span class="p">});</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">r1</span><span class="p">.</span><span class="nx">allowed</span><span class="p">);</span> <span class="c1">// true</span> <span class="c1">// This will be denied (system directory)</span> <span class="kd">const</span> <span class="nx">r2</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">governance</span><span class="p">.</span><span class="nf">evaluate</span><span class="p">({</span> <span class="na">agentId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">claims-agent</span><span class="dl">'</span><span class="p">,</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">file_write</span><span class="dl">'</span><span class="p">,</span> <span class="na">params</span><span class="p">:</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/etc/passwd</span><span class="dl">'</span><span class="p">,</span> <span class="na">content</span><span class="p">:</span> <span class="dl">'</span><span class="s1">hacked</span><span class="dl">'</span> <span class="p">},</span> <span class="p">});</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">r2</span><span class="p">.</span><span class="nx">allowed</span><span class="p">);</span> <span class="c1">// false</span> </code></pre> </div> <h2> Step 6: Verify the Audit Trail </h2> <p>Every evaluation is automatically recorded. Verify the integrity of the entire trail:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">verification</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">db</span><span class="p">.</span><span class="nf">verifyAuditChain</span><span class="p">();</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">verification</span><span class="p">.</span><span class="nx">valid</span><span class="p">);</span> <span class="c1">// true</span> </code></pre> </div> <p>The audit trail uses a SHA-256 hash chain. Each entry includes the cryptographic hash of the previous entry. If any record is modified, deleted, or reordered after the fact, the chain breaks and <code>valid</code> returns <code>false</code>.</p> <p>Each audit entry includes:</p> <ul> <li> <strong>Trace ID</strong> — W3C Trace Context format, compatible with OpenTelemetry</li> <li> <strong>Agent ID</strong> — Which agent made the request</li> <li> <strong>Tool</strong> — Which tool was requested</li> <li> <strong>Parameters</strong> — What parameters were passed</li> <li> <strong>Decision</strong> — Allowed or denied</li> <li> <strong>Matched rule</strong> — Which policy rule triggered the decision</li> <li> <strong>Duration</strong> — How long the evaluation took</li> <li> <strong>Timestamp</strong> — When it happened</li> </ul> <h2> Step 7: Kill Switch </h2> <p>When something goes wrong — and in production, something always eventually goes wrong — the kill switch stops everything:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">governance</span><span class="p">.</span><span class="nf">activateKillSwitch</span><span class="p">();</span> <span class="c1">// All subsequent evaluations return denied</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">governance</span><span class="p">.</span><span class="nf">evaluate</span><span class="p">({</span> <span class="na">agentId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">claims-agent</span><span class="dl">'</span><span class="p">,</span> <span class="na">tool</span><span class="p">:</span> <span class="dl">'</span><span class="s1">search_claims</span><span class="dl">'</span><span class="p">,</span> <span class="na">params</span><span class="p">:</span> <span class="p">{</span> <span class="na">customerId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">CUST-123</span><span class="dl">'</span> <span class="p">},</span> <span class="p">});</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">allowed</span><span class="p">);</span> <span class="c1">// false — kill switch is active</span> </code></pre> </div> <p>The kill switch is deterministic. No LLM involved, no network calls, no delays. When active, every tool call is denied synchronously in the evaluate path.</p> <p>Deactivate when the situation is resolved:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">governance</span><span class="p">.</span><span class="nf">deactivateKillSwitch</span><span class="p">();</span> <span class="c1">// Agents resume normal operation</span> </code></pre> </div> <h2> Step 8: Event System </h2> <p>Subscribe to governance events for monitoring and alerting:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">governance</span><span class="p">.</span><span class="nf">on</span><span class="p">(</span><span class="dl">'</span><span class="s1">tool_call.denied</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">event</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`BLOCKED: </span><span class="p">${</span><span class="nx">event</span><span class="p">.</span><span class="nx">agentId</span><span class="p">}</span><span class="s2"> tried </span><span class="p">${</span><span class="nx">event</span><span class="p">.</span><span class="nx">tool</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="c1">// Send to Slack, PagerDuty, your SIEM, etc.</span> <span class="p">});</span> <span class="nx">governance</span><span class="p">.</span><span class="nf">on</span><span class="p">(</span><span class="dl">'</span><span class="s1">killswitch.activated</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">event</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">KILL SWITCH ACTIVATED</span><span class="dl">'</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>AgentBouncr emits 20 event types across five categories: tool calls, approvals, agent lifecycle, security, and policies.</p> <h2> Integrating with Vercel AI SDK </h2> <p>If you're using the Vercel AI SDK, there's a built-in wrapper:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">wrapToolsWithGovernance</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@agentbouncr/core</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">governedTools</span> <span class="o">=</span> <span class="nf">wrapToolsWithGovernance</span><span class="p">(</span><span class="nx">myVercelTools</span><span class="p">,</span> <span class="p">{</span> <span class="na">agentId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">my-agent</span><span class="dl">'</span><span class="p">,</span> <span class="nx">governance</span><span class="p">,</span> <span class="p">});</span> <span class="c1">// Use governedTools instead of myVercelTools</span> <span class="c1">// Denied calls throw GovernanceError instead of executing</span> </code></pre> </div> <p>This wraps each tool's <code>execute()</code> function with a governance check. No manual <code>evaluate()</code> calls needed.</p> <h2> Integrating via HTTP API </h2> <p>If you're using n8n, Make, Zapier, or any platform that can make HTTP calls, the same governance is available via the Enterprise HTTP API:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-X</span> POST https://your-instance.agentbouncr.com/api/evaluate <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Authorization: Bearer gov_your_token"</span> <span class="se">\</span> <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="se">\</span> <span class="nt">-d</span> <span class="s1">'{ "agentId": "claims-agent", "tool": "approve_payment", "params": { "amount": 12000 } }'</span> </code></pre> </div> <p>Same policies, same audit trail, same dashboard. The CISO sees all agents — SDK and HTTP — in one view.</p> <h2> Using the CLI </h2> <p>AgentBouncr includes a CLI for agent management and audit operations:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">-g</span> @agentbouncr/cli <span class="c"># List all registered agents</span> governance agent list <span class="c"># Start an agent</span> governance agent start claims-agent <span class="c"># Verify audit trail integrity</span> governance audit verify <span class="c"># Import tools from an MCP manifest</span> governance import <span class="nt">--mcp</span> ./mcp-manifest.json </code></pre> </div> <h2> What You've Built </h2> <p>In under 5 minutes, you added a complete bounded agency layer to your AI agent:</p> <ul> <li> <strong>Policy engine</strong> with 11 condition operators, rate limits, and approval gates</li> <li> <strong>Tamper-proof audit trail</strong> with SHA-256 hash chain verification</li> <li> <strong>Deterministic kill switch</strong> with sub-millisecond activation</li> <li> <strong>Event system</strong> with 20 event types for monitoring and alerting</li> <li> <strong>W3C Trace Context</strong> for correlation with your observability stack</li> </ul> <p>The governance layer is framework-agnostic. It works with LangChain, Vercel AI SDK, CrewAI, OpenAI Agents SDK, n8n, or any tool-calling agent.</p> <h2> Next Steps </h2> <ul> <li> <strong><a href="https://github.com/agentbouncr/agentbouncr" rel="noopener noreferrer">GitHub Repository</a></strong> — Source code, examples, and documentation</li> <li> <strong><a href="https://agentbouncr.com" rel="noopener noreferrer">agentbouncr.com</a></strong> — Enterprise Dashboard with PostgreSQL, multi-tenancy, approval workflows, compliance reporting, and visual policy management</li> <li> <strong><a href="https://github.com/agentbouncr/agentbouncr/blob/main/docs/mcp-import-guide.md" rel="noopener noreferrer">MCP Import Guide</a></strong> — Import tools from Model Context Protocol manifests</li> </ul> <p>AgentBouncr is source-available under the Elastic License 2.0 — free to use, modify, and distribute.</p> ai typescript security tutorial