# Runlayer MCP

> Runlayer is an enterprise control plane for governing your MCP ecosystem. It lets you manage all AI agents, servers, and security policies from one place. Your agent can onboard new MCP endpoints, audit access logs, and scan for unauthorized 'shadow AI' without ever touching a dashboard. It’s the central point of record for who talks to what.

## Overview
- **Category:** friends-mcp
- **Price:** Free
- **Tags:** mcp-server, governance, policy-management, agent-lifecycle, security-guardrails, infrastructure-control

## Description

Runlayer isn't an AI itself; it’s your enterprise control plane. It governs every piece of infrastructure that talks to your models—the security guard for all your model endpoints. When you use this, you manage your entire MCP ecosystem from one place. You never have to touch a dashboard to get a full picture.

To start, you can check the whole setup with `get_organization`, or see which user accounts belong to your Runlayer instance by calling `list_members`. If you need an inventory of connected servers, use `list_mcp_servers`; for details on any specific endpoint, just run `get_mcp_server` using its UUID. You can also get a rundown of every registered AI agent with `list_agents`, or check the detailed status of one particular agent by running `get_agent`. When you need to add capacity, you use `create_mcp_server` to onboard a new endpoint, or you call `update_mcp_server` to change credentials without taking the service offline. If an endpoint is dead weight, you decommission it using `delete_mcp_server`. Similarly, when you build out your workforce, you register agents with `create_agent`, and you can adjust their rights later by calling `update_agent`; if an agent leaves or gets compromised, you use `delete_agent` to sever all its connections.

Security is where this thing shines. You define rules using `create_policy` and apply them across groups of resources; you can refine those access controls later with `update_policy`. If a policy needs to go, `delete_policy` takes it out; the governed resources keep running, but they no longer enforce that policy's rules. For credential control, you generate unique keys using `create_api_key`, and each key must be saved right away. You track all existing credentials with `list_api_keys`, and if there’s an incident, you immediately cut off access with `revoke_api_key`. The system also handles capabilities: you define reusable functions as Skills via `create_skill`, letting multiple agents use the same approved logic without duplicating code. To manage these standardized pieces, you can get details using `get_skill` or list available skills with `list_skills`. You update a skill's definition using `update_skill` when necessary, and if a skill is deprecated, you delete it using `delete_skill`.

The auditing mechanisms are airtight. You track every damn thing that happens by calling `get_audit_logs`, giving you a chronological log of exactly who did what and when across the organization. For proactive security, you run a full system audit scan with `run_mcp_sweep_scan` to detect unauthorized endpoints or 'shadow AI,' then review all findings using `get_scan_results`. You can also view a summary of all defined policies and how many violations they've seen by running `list_policies`. To maintain governance, you use the centralized tools: you add new standardized code blocks with `create_skill`, update them with `update_skill`, or delete them with `delete_skill`.

This system gives you total control over your whole stack. You can get a full overview of all registered skills using `list_skills`. If you need to remove an agent from the governance record, you use `delete_agent`. You manage every component—agents, policies, servers, and capabilities—through structured API calls. This lets your AI client perform these actions directly without ever needing to click through a dashboard.

## Tools

### create_api_key
Generates and stores a unique API key for external services. The key must be saved immediately after creation.

### create_agent
Registers a new AI agent type (e.g., Claude or Cursor) to the control plane with defined security rules.

### revoke_api_key
Immediately disables a key using its ID. This is used during security incidents when an API key must be cut off instantly.

### create_mcp_server
Adds a new MCP endpoint to the governance system by providing its name and connection details.

### create_policy
Establishes a formal security rule or access requirement that must be followed by all connected agents and servers.

### create_skill
Defines a reusable capability, standardizing code blocks so multiple agents can use the same approved function.

### delete_agent
Removes an AI agent from governance. This action disconnects it from all servers and policy assignments.

### delete_mcp_server
Decommissions a registered MCP server, automatically removing its links to agents and policies.

### delete_policy
Removes an access control policy. Resources governed by this policy will no longer enforce these rules.

### delete_skill
Deletes a standardized skill definition, leaving the underlying MCP servers available for new use cases.

### get_agent
Retrieves detailed status information about one specific AI agent, including its assigned resources and compliance standing.

### get_audit_logs
Returns a chronological log of all actions taken across the organization, detailing who did what and when.

### get_mcp_server
Fetches detailed configuration data for one specific MCP server by its UUID, verifying its current status.

### get_organization
Retrieves an overview of the entire Runlayer setup, confirming overall organizational settings and resource inventory.

### get_scan_results
Displays the findings from a previous network sweep scan, specifically listing discovered policy violations or unauthorized services.

### get_skill
Gets detailed information about a specific Skill, showing its usage count and which servers it requires to run.

### list_api_keys
Shows a complete inventory of all API keys used by your services, helping you identify unused or compromised credentials.

### list_agents
Lists all registered AI agents in the organization with key details like type, assigned servers, and policy compliance status.

### list_mcp_servers
Provides an initial overview of every registered MCP server in the organization, including its UUID and operational state.

### list_members
Lists all user accounts associated with your Runlayer instance for role auditing or access review.

### list_policies
Displays a summary of all defined security policies, showing their enforcement status and current violation counts across resources.

### list_skills
Lists available standardized skills, detailing which underlying MCP servers each skill depends on for execution.

### run_mcp_sweep_scan
Initiates a full-system audit scan to proactively detect 'shadow AI' or any MCP server operating outside defined policies.

### update_agent
Modifies an existing agent’s configuration, allowing you to adjust its access rights without deleting and recreating the entire profile.

### update_mcp_server
Updates a server's operational parameters—like rotating credentials or changing policy associations—without service downtime.

### update_policy
Refines an existing security rule, enabling you to tighten access controls or adjust audit requirements for specific resources.

### update_skill
Updates a standardized skill's definition, letting you modify its documentation or change the underlying MCP servers it calls.

## Prompt Examples

**Prompt:** 
```
Show me all MCP servers registered in our organization and their security status
```

**Response:** 
```
I'll list all registered MCP servers with their compliance status and policy assignments.
```

**Prompt:** 
```
Run a shadow AI discovery scan across our organization and show me the findings
```

**Response:** 
```
I'll initiate the MCP sweep scan and retrieve all discovered unauthorized resources.
```

**Prompt:** 
```
Create a new policy that restricts MCP server access to only approved developers
```

**Response:** 
```
I'll create a security policy with rules limiting MCP server access to authorized personnel.
```

## Capabilities

### Audit and Visibility
Retrieve complete audit trails (`get_audit_logs`) and run full network scans (`run_mcp_sweep_scan`) to identify every connected resource, including unauthorized endpoints.

### Server Lifecycle Management
Register new MCP servers (`create_mcp_server`), update their credentials (`update_mcp_server`), or decommission them entirely using the API.

### Agent Onboarding and Control
Onboard, configure, or delete AI agents (e.g., `create_agent`, `delete_agent`) while assigning specific permissions to each one.

### Security Policy Definition
Define granular access rules (`create_policy`) and apply them across entire groups of servers or agents, ensuring least privilege is maintained.

### Capability Standardization
Codify reusable functions as Skills (`create_skill`), so multiple agents can use the same approved piece of logic without duplicating code.

## Use Cases

### The Compliance Check
A Compliance Manager needs proof that no unauthorized AI tools are accessing customer data. Instead of manually checking 20 dashboards, they tell their agent: 'Run a scan for policy violations.' The agent calls `run_mcp_sweep_scan` and then uses `get_scan_results`, instantly delivering a report listing every unapproved MCP server.

### The Server Decommission
A Platform Engineer is retiring an old service endpoint. They don't just delete it; they use the agent to call `delete_mcp_server`. This action automatically checks and disconnects all associated agents and policies, preventing orphaned access rights.

### The Access Review
An AI Governance Officer needs to know who has read access to a sensitive database. They ask their agent to call `get_audit_logs` for that resource over the last quarter. The system returns a full list of users and agents, letting them identify exactly which accounts need revocation via `revoke_api_key`.

### The Capability Reuse
A company has several microservices needing to perform date formatting (a common task). Instead of coding it into every service, the engineer uses `create_skill` to standardize the logic. Now all agents can call that skill ID for consistent, governed execution.

## Benefits

- Instant Shadow AI Discovery: Use `run_mcp_sweep_scan` to find unauthorized endpoints immediately. This is key for compliance teams who can't afford unexpected data leaks from unmanaged services.
- Full Audit Trail Access: The `get_audit_logs` tool provides a single, chronological source of truth. You don't have to piece together access history from ten different system logs; you just ask your agent.
- Controlled Agent Lifecycle: Instead of manually managing permissions, use `create_agent`, `update_agent`, and `delete_agent`. Your AI client handles the complexity of assigning servers and policies automatically.
- Policy-as-Code Enforcement: Define access rules with `create_policy` and enforce them system-wide. You can't just *tell* your team to follow the rules; Runlayer enforces them using these tools.
- Operational Flexibility: Need to change a server credential? Use `update_mcp_server`. You modify the endpoint without needing maintenance windows or downtime.

## How It Works

The bottom line is: it turns complex infrastructure maintenance from clicking through multiple dashboards into simple conversational commands sent to one central endpoint.

1. First, generate an Organization API Key from the Runlayer dashboard. You need this key to authorize your agent's commands.
2. Next, connect your preferred AI client (your agent) and configure its host URL with your organization's Runlayer instance address.
3. Finally, you prompt your agent using natural language—e.g., 'Run a scan for unauthorized servers.' The agent converts that command into the necessary tool calls.

## Frequently Asked Questions

**How do I check for unauthorized MCP servers using Runlayer? (`run_mcp_sweep_scan`)**
You run the `run_mcp_sweep_scan` tool. This initiates a system-wide audit that discovers endpoints not explicitly registered, which are often 'shadow AI' services running outside your governance control.

**What is the difference between `list_mcp_servers` and `get_mcp_server`? (`list_mcp_servers`)**
Listing servers (`list_mcp_servers`) gives you a comprehensive inventory of all registered servers, including their UUIDs. Getting details (`get_mcp_server`) requires knowing a specific server's UUID and pulls its detailed configuration data.

**Can I restrict an agent’s access to only certain servers? (`create_agent`)**
Yes. When you use `create_agent`, you specify which MCP servers are allowed for that agent, ensuring it can't interact with restricted endpoints.

**How do I review my current security policies in Runlayer? (`list_policies`)**
Use the `list_policies` tool. It shows every defined rule, along with metrics like enforcement status and how many violations have been logged against those rules.

**If I delete a policy, what happens to the resources? (`delete_policy`)**
Using `delete_policy` means that all resources previously governed by it immediately lose those specific security and access restrictions. Confirm that this is the intended effect before you delete the policy.

**What should I do if an API key is compromised? How does `revoke_api_key` work?**
Call `revoke_api_key` with the ID of the compromised key. The key is invalidated immediately upon execution. This action cannot be reversed. Always use it for suspicious or unused keys to secure your organization's data.

**How detailed are the records I get when running `get_audit_logs`?**
The logs provide complete details: timestamps, who performed the action (actor identity), what was done (action type), which resource was affected, and the final outcome. This is essential for compliance reporting.

**If I modify a reusable capability using `update_skill`, are agents or servers still connected to it?**
Yes, modifying the skill does not break existing connections. The system maintains those dependencies, ensuring that active agents and assigned MCP servers continue functioning with the updated definition.

**Do I need a Runlayer enterprise subscription to use this MCP?**
Yes, this MCP server requires an active Runlayer organization with API access. Runlayer is an enterprise-grade control plane, so you need a valid organizational subscription. Contact Runlayer sales to get started and obtain your organization API key.

**Can this MCP server detect unauthorized AI usage (shadow AI)?**
Yes! The `run_mcp_sweep_scan` tool initiates comprehensive shadow AI discovery across devices, detecting unauthorized MCP servers, OpenClaw installs, Skills, and agents. Results include policy violations and security risks across your organization's endpoints.

**What types of AI agents does Runlayer support?**
Runlayer supports Claude Desktop, Cursor, VS Code with Copilot, Windsurf, and custom AI agents. Each agent type can be registered with specific security policies, assigned MCP servers, and monitored through the audit trail. New agent types can be added as custom integrations.