node9-proxy

Overview

Node9 serves as a security gateway between AI agents and their tools, offering discovery of past agent activities, real-time protection against risky commands, and comprehensive review capabilities. It works with various AI environments including Claude Code, Gemini CLI, Cursor, and any MCP server. The tool provides deterministic 'Sudo' governance with customizable shields for different services like databases, cloud platforms, and filesystem operations. Its MCP gateway feature allows transparent wrapping of existing MCP servers while intercepting and monitoring all tool calls.

Try asking AI

After installing, here are 5 things you can ask your AI assistant:

• scan

  Scan past AI sessions for credential leaks, agent loops, and secrets on disk

  Try:Scan my system for AI security risksTry:Show me what secrets my agent can access
• monitor

  Open an interactive dashboard for real-time activity and security alerts

  Try:Start monitoring my agent's activityTry:Show me current security alerts
• report

  Generate period-windowed reports of agent activity, costs, and security incidents

  Try:Generate a weekly report of agent activitiesTry:Show me cost breakdown for this month
• blast

  Show what an AI agent can reach on the system - files, credentials, environment

  Try:Show what files my agent has access toTry:List all credentials on my system
• tail

  Live stream of every tool call in text format

  Try:Stream all tool calls to my terminalTry:Show me a live log of agent activity
• sessions

  Display session history with prompts, tool traces, costs, and snapshots

  Try:Show me my last agent sessionTry:List all my AI sessions with costs
• dlp

  Find credential leaks in Claude's response text

  Try:Check for leaked credentials in my conversationTry:Find any secrets in recent responses
• mask

  Redact plaintext secrets from local session history files

  Try:Clean secrets from my local historyTry:Redact any sensitive information from logs
• shield

  Manage security shields - rule packs for different services

  Try:Enable the AWS shieldTry:List all available shields
• mcp

  Manage MCP server configurations and tool pinning

  Try:List my pinned MCP serversTry:Update MCP tool pin for postgres server
• undo

  Revert AI file edits using git snapshots

  Try:Undo the last file edit my agent madeTry:Revert all changes from the last session
• init

  Auto-wire Node9 with Claude Code, Gemini CLI, Cursor, Codex, and MCP servers

  Try:Initialize Node9 with my AI toolsTry:Set up Node9 integration

Comparable tools

Installation

# npm (any platform)
npm install -g node9-ai

# macOS / Linux
brew tap node9-ai/node9 && brew install node9

node9 init     # auto-wires Claude Code, Gemini CLI, Cursor, Codex, MCP servers
node9 doctor   # verify everything is wired correctly

{
  "mcpServers": {
    "node9": {
      "command": "node9",
      "args": ["mcp"]
    }
  }
}

FAQ

What is Node9?

Node9 is an execution security layer for AI agents that provides governance, monitoring, and audit logging. It sits between your AI agent and the tools it can use, allowing you to discover what it's been doing, protect against risky actions, and review activities over time.

How does Node9 work with MCP servers?

Node9 can wrap any MCP server transparently using its MCP gateway feature. The agent sees the same server, but Node9 intercepts every tool call to provide monitoring and governance. It also includes MCP tool pinning to prevent 'rug pull' attacks where servers might change their tool definitions unexpectedly.

On Hacker News

Recent discussion from the developer community.

• Node9 – A "sudo" wrapper for AI agents with auto Git snapshots▲ 2💬 1
  Story by nadav_tal · 2026-03-19

Compare node9-proxy with