Deterministic Allowlisting
Your CISO needs to control which MCP servers your AI agents can reach. Allowlist mode enforces that perimeter — deterministically, at the network layer, before any unapproved skill can execute.
What your CISO requires before any MCP deployment
Enterprise security policies increasingly mandate a pre-approved capability registry before AI agents are permitted to act on internal systems. Without it, any model can call any tool — including ones your security team has not reviewed. Allowlist mode closes that gap.
Operating Modes
| Mode | Behavior | Best for | State |
|---|---|---|---|
| disabled | No filter. All skills callable. | Default. Dev/test environments. | open |
| allowlist | Only explicitly listed slugs and/or sectors are callable. All others blocked. | Highest-security deployments. CISO-mandated perimeters. | allowlist |
| blocklist | All skills callable except listed slugs. | Targeted exclusions with an otherwise open perimeter. | blocklist |
Enforcement Order (every tools/call)
01 Authentication
Caller identity verified and revocation-checked. Invalid or revoked credentials are refused before any further work.
02 Perimeter check (this feature)
The requested skill is matched against the buyer's allowlist / sector / blocklist configuration. Denied requests are refused and logged.
03 Injection inspection
Tool arguments pass through Prompt Shield (see /security/prompt-shield) before any executor is touched.
04 Execution / passthrough
First-party skills run from the verified catalog. External tools are proxied through the trust-state gate.
What a blocked call looks like
The agent receives a structured permission-denied response over the same MCP transport — no payload leakage, no detail about the rule that fired. The blocked event is recorded for audit, and the operator sees it surfaced in the Lodge security log. Exact error codes, log table names, and rule-engine internals are intentionally not published here; enterprise buyers under NDA receive the full schema in the operator handbook.
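The three operating modes and the perimeter check (step 02) can be sketched as follows. This is an added example, not the product's own code: the `Perimeter` fields, the catalog, the skill slugs, and the `permission_denied` body are all constructed assumptions, since the real schema is not published here.

```python
from dataclasses import dataclass

# Constructed catalog for illustration: skill slug -> sector.
CATALOG = {"invoice-parse": "finance", "ledger-export": "finance",
           "dns-lookup": "network", "shell-exec": "ops"}

# Constructed denial body; the real error schema is not published on this page.
DENIED = {"error": "permission_denied"}

@dataclass(frozen=True)
class Perimeter:
    mode: str = "disabled"            # "disabled" | "allowlist" | "blocklist"
    slugs: frozenset = frozenset()    # listed slugs (allowed or blocked, per mode)
    sectors: frozenset = frozenset()  # consulted in allowlist mode only

def check(perimeter, slug):
    """Return (allowed, reason). The reason is for the audit log only."""
    if perimeter.mode == "disabled":
        return True, "mode disabled"
    if perimeter.mode == "blocklist":
        if slug in perimeter.slugs:
            return False, "slug on blocklist"
        return True, "not on blocklist"
    if perimeter.mode == "allowlist":
        if slug in perimeter.slugs:
            return True, "slug allowlisted"
        if CATALOG.get(slug) in perimeter.sectors:
            return True, "sector allowlisted"
        return False, "not on allowlist"   # deny by default, unknown slugs included
    return False, "unknown mode"           # fail closed on a misconfigured mode

def handle_tools_call(perimeter, caller, slug, audit_log):
    """Step 02 only: authentication runs before this, injection inspection after."""
    allowed, reason = check(perimeter, slug)
    audit_log.append({"caller": caller, "skill": slug,
                      "allowed": allowed, "reason": reason})
    if not allowed:
        return dict(DENIED)           # identical body whichever rule fired
    return {"status": "forwarded", "skill": slug}
```

The rule that fired appears only in the audit record; the caller sees the same denial body for every rule, which matches the "no detail about the rule that fired" behaviour described above.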
Compliance Relevance
SOC 2 Type II
Allowlist mode provides a documented, auditable record of which AI capabilities are approved for use. Satisfies CC6.1 (logical access control) and CC7.2 (monitoring) when combined with invocation logs.
ISO 27001
Supports A.9 Access Control by restricting which AI tools can be invoked and providing a deny-by-default mode consistent with least-privilege principles.
NIST AI RMF
Addresses GOVERN 1.7 and MANAGE 2.2: organizations should control which AI capabilities are deployed in production and continuously monitor their use.
Enterprise AI Policy
Many Fortune-500 AI policies require a pre-approved tool registry before any LLM agent can act on internal systems. Allowlist mode enforces that registry programmatically.
Ready to enforce your perimeter?
Configure your allowlist in the SkiLodge. Combined with Prompt Shield, it forms the full Zero-Trust Gateway your security team needs.