Skip to content

Tools Reference

MCP Tools Reference

Once connected, Claude and other agents have these tools available. The server also injects enforcement rules into Claude's context automatically on startup.

xybern_intercept

Check whether an action is allowed before executing it. Call this before any significant action, file writes, database changes, API calls, financial operations.

# Claude calls this automatically before sensitive actions
xybern_intercept(
    action_type="execute_trade",
    action_content="Buy 500 AAPL at market price",
    metadata='{"symbol": "AAPL", "qty": 500, "notional_usd": 95000}',
    chain_id="workflow_xyz",
    chain_step=2,
)
# Returns: DECISION: ALLOW / BLOCK / ESCALATE
#          Trust score: 87/100
#          Reasoning: All checks passed
#          Decision ID: dec_abc123
#          Vault entry: ve_xyz789

xybern_preflight

Check a multi-step plan before committing. Claude describes what it intends to do and Xybern returns which steps would be blocked or escalated under current policies.

xybern_preflight(
    plan="""
    1. Query prod DB for all users created this week
    2. Export records to CSV
    3. Email CSV to analytics@company.com
    4. Delete records older than 90 days
    """
)
# Returns: PREFLIGHT RESULT
#          Overall assessment: ESCALATE
#          Analysis: Step 3 (PII export) would be blocked.
#          Step 4 (bulk delete) requires human approval.

xybern_wait_for_approval

Block until a human approves or rejects an escalated action in the Authorisation Layer dashboard. Claude pauses and waits, it will not proceed until resolution.

xybern_wait_for_approval(
    escalation_id="esc_abc123",
    timeout_seconds=300,
)
# Returns: APPROVED — You may proceed.
# or:      REJECTED — Do not proceed.

xybern_get_context

Read current workspace policies, agent trust level, active JIT windows, and delegation grants. Use this to understand what is currently allowed.

xybern_explain_block

Get a plain-English explanation of why an action was blocked, which policy triggered, and what options the user has to proceed.

xybern_request_temporal_window

Request a time-limited JIT permission window for elevated access. Recorded immutably in the vault.

xybern_request_temporal_window(
    scopes="database_write,file_delete",
    duration_minutes=30,
    reason="Emergency schema migration — ticket ENG-4521",
)

xybern_get_recent_decisions

Read recent enforcement decisions from the vault. Lets managers ask Claude "what did my agents do today?" directly.

xybern_get_recent_decisions(limit=20, decision_filter="block")