AI Toolkit
Authorization for AI‑native developers.
Install the Vengtoo toolkit in your AI coding agent. Run /vengtoo and your project gets a working authorization layer — SDK installed, middleware wired, policies scaffolded. No context switching, no boilerplate.
One command to integrate.
Install the toolkit in Claude Code, GitHub Copilot, or any MCP-compatible agent. Run /vengtoo and it reads your codebase, installs the right SDK for your language, wires middleware into your existing routes, and creates a starter policy file.
Works with Express, Gin, FastAPI and most other popular frameworks. If yours isn't auto-detected, the toolkit prompts you and adapts.
# Install the toolkit once /plugin install vengtoo@vengtoo-toolkit # In any project /vengtoo ✔ Detected: Node.js / Express ✔ Installing @vengtoo/sdk... ✔ Wiring authorization middleware... ✔ Writing vengtoo.yaml... ✔ Ready Add this to protect a route: app.use(vengtoo.authorize())
Everything in the toolkit
Eight skills covering setup, policies, debugging, and MCP wiring.
| Command | What it does |
|---|---|
| /vengtoo | Full setup. Installs SDK, wires authorization middleware, scaffolds policy file. Run this first. |
| /vengtoo-policies | Reviews your existing policies for gaps, redundancies, or missing actions based on your routes. |
| /vengtoo-agent | Adds the Vengtoo Agent to your Docker Compose or Kubernetes config and points your SDK at it. |
| /vengtoo-audit | Queries your decision log and explains recent allow/deny outcomes in plain language. |
| /vengtoo-check | Runs an authorization check inline — useful for verifying a policy before shipping. |
| /vengtoo-rbac | Scaffolds a role-based access control model for a resource type you describe. |
| /vengtoo-abac | Scaffolds an attribute-based access control policy using your entity attributes. |
| /vengtoo-mcp | Wires the Vengtoo MCP server into your agent configuration for tool-level gating. |
MCP
Gate what your AI agents can do.
The Vengtoo MCP server exposes an authorization tool that any MCP-compatible agent can call before taking an action. Run /vengtoo-mcp to wire it automatically, or add it manually to your MCP config.
Every tool call the agent makes is subject to your Vengtoo policies. Deny a tool, and the agent can't use it — even if it tries.
{
"mcpServers": {
"vengtoo": {
"command": "vengtoo-mcp",
"env": {
"VENGTOO_API_KEY": "${VENGTOO_API_KEY}",
"VENGTOO_APP_ID": "${VENGTOO_APP_ID}"
}
}
}
}