ToolMesh
The secure execution layer for AI agent tool calls.
ToolMesh is an open-source middleware that sits between AI agents and your infrastructure. Authorization, credential security, audit trails, and content gating — in a single Go binary.
Nginx made web apps production-ready — reverse proxy, SSL, load balancing.
ToolMesh makes AI agent tool calls production-ready — authorization, credentials, audit, content gating.
Six Pillars
Any Backend
Connect existing MCP servers or describe REST APIs declaratively with DADL — no code required.
Code Mode
LLMs write typed JavaScript instead of error-prone JSON. Saves context window budget.
Audit
Every tool call is logged structurally and queryable via SQL. Full traceability.
Authorization
Fine-grained access control via OpenFGA. User → Plan → Tool relationships.
Credential Store
API keys and secrets are injected at runtime. The LLM never sees credentials.
Output Gate
JavaScript policies validate inputs and filter outputs. PII redaction, compliance enforcement.
DADL — No More MCP Server Boilerplate
DADL (Dunkel API Description Language) describes any REST API as MCP tools in a single YAML file. No code, no server, no deployment.
```javascript
import { Server } from "@modelcontextprotocol/sdk";
import express from "express";

const app = express();
const server = new Server({ name: "github" });

server.setRequestHandler("tools/list", () => ({
  tools: [{
    name: "list_repos",
    description: "List repositories",
    inputSchema: {
      type: "object",
      properties: {
        sort: {
          type: "string",
          enum: ["created", "updated"]
        }
      }
    }
  }]
}));

server.setRequestHandler("tools/call",
  async (req) => {
    const resp = await fetch(
      "https://api.github.com/user/repos",
      { headers: {
        Authorization: "Bearer " + TOKEN
      }}
    );
    return { content: [
      { type: "text", text: await resp.text() }
    ]};
  });

app.use(server.transport);
app.listen(3000);
// + error handling, pagination,
// retries, auth refresh, types...
```

```yaml
spec: "https://dadl.ai/spec/v0.1"
backend:
  name: github
  type: rest
  base_url: https://api.github.com
  auth:
    type: bearer
    credential: github_token
  defaults:
    pagination:
      strategy: link_header
  tools:
    list_repos:
      method: GET
      path: /user/repos
      description: "List repositories"
      params:
        sort:
          type: string
          enum: [created, updated]
```
DADL files are generated by LLMs — ask your AI for a .dadl file and it works instantly.
The first API description format that is both created and consumed natively by AI.
Caller-Origin — Know Who Is Calling
ToolMesh is the only known MCP gateway that differentiates which AI client triggers a tool call. CallerID + CallerClass enable tiered trust management.
| CallerClass | PII Filtering | Tool Access |
|---|---|---|
| trusted | Credentials only | Full |
| standard | High-risk PII + credentials | Full |
| untrusted | All PII patterns | Sensitive tools blocked |
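The tier table above, written out as a small output filter in JavaScript. This is an added example, not ToolMesh's code or its policy API: the function `gate`, the pattern sets, the choice of SSN-shaped numbers as "high-risk PII", and the tool name `delete_repo` are assumptions made for illustration.

```javascript
// Added sketch, not ToolMesh's policy API: every name below is hypothetical.
// Pattern sets are assumptions; the page does not define what counts as "high-risk".
const PATTERNS = {
  credential: [/\bBearer\s+[A-Za-z0-9._~+\/-]+=*/g],
  high_risk_pii: [/\b\d{3}-\d{2}-\d{4}\b/g],          // SSN-shaped numbers
  pii: [/\b[\w.+-]+@[\w-]+(\.[\w-]+)+\b/g],           // e-mail addresses
};

// The three tiers from the table: what to redact and whether sensitive tools run.
const TIERS = {
  trusted:   { redact: ["credential"], blockSensitive: false },
  standard:  { redact: ["credential", "high_risk_pii"], blockSensitive: false },
  untrusted: { redact: ["credential", "high_risk_pii", "pii"], blockSensitive: true },
};

const SENSITIVE_TOOLS = new Set(["delete_repo"]); // hypothetical tool name

function gate(callerClass, tool, output) {
  // Fail closed: a missing or unrecognised class gets the untrusted tier.
  // hasOwnProperty stops values like "constructor" resolving via the prototype.
  const known = Object.prototype.hasOwnProperty.call(TIERS, callerClass);
  const tier = known ? TIERS[callerClass] : TIERS.untrusted;

  if (tier.blockSensitive && SENSITIVE_TOOLS.has(tool)) {
    return { allowed: false, output: null };
  }
  let text = String(output);
  for (const kind of tier.redact) {
    for (const re of PATTERNS[kind]) {
      text = text.replace(re, `[REDACTED:${kind}]`);
    }
  }
  return { allowed: true, output: text };
}

// Constructed sample of a tool response.
const SAMPLE = "owner=alice@example.com ssn=123-45-6789 auth=Bearer abc.def.ghi";

for (const cls of ["trusted", "standard", "untrusted", "constructor"]) {
  console.log(cls, gate(cls, "list_repos", SAMPLE).output);
}
```

An unrecognised class such as `"constructor"` is filtered exactly like `untrusted`, so a spoofed or malformed caller label can only lower the trust level, never raise it.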
Production-Ready Authentication
Get Started
ToolMesh is open source and self-hosted. Run it with Docker or as a Go binary.