This guide walks you through installing AIP and running your first secured MCP server.

Prerequisites

Before installing AIP, ensure you have:
  • Go 1.21+ (for building from source)
  • Python 3.11+ or Node.js 20+ (for MCP servers)
  • An MCP-compatible AI client (Cursor IDE, Claude Desktop, VS Code)

Installation Methods

Install directly from the Go implementation repository:
go install github.com/openagentidentityprotocol/aip-go/cmd/aip@latest
Verify installation:
aip --version

Quick Start

1. Create a policy file

Create agent.yaml with a simple read-only policy:
apiVersion: aip.io/v1alpha1
kind: AgentPolicy
metadata:
  name: secure-agent
spec:
  mode: enforce
  allowed_tools:
    - read_file
    - list_directory
    - git_status
  tool_rules:
    - tool: write_file
      action: ask        # Human approval required
    - tool: exec_command
      action: block      # Never allowed

2. Start the AIP proxy

Wrap your existing MCP server:
# For a Python MCP server
aip --target "python mcp_server.py" --policy ./agent.yaml

# For a Node.js MCP server
aip --target "npx @mcp/server" --policy ./agent.yaml
The proxy will start on stdio and forward to your MCP server.

3. Configure your AI client

Generate configuration for your AI client:
# For Cursor IDE
aip --generate-cursor-config --policy ./agent.yaml --target "npx @mcp/server"
This outputs JSON configuration to add to your client’s MCP settings.

4. Test the policy

Try using a blocked tool in your AI client:
User: "Run the command 'rm -rf /'"
Agent: [attempts exec_command]
AIP: ❌ Permission Denied (logged to audit trail)

Verification

Check Policy Evaluation

Verify the proxy is enforcing policy:
# Start in monitor mode to see what would be blocked
aip --target "python mcp_server.py" --policy ./agent.yaml --mode monitor
Monitor mode logs violations but allows them through - useful for testing.

View Audit Logs

Audit logs are written to aip-audit.jsonl by default:
cat aip-audit.jsonl | jq
Example log entry:
{
  "timestamp": "2026-03-03T16:32:00Z",
  "agent_id": "agent-abc123",
  "user": "[email protected]",
  "tool": "exec_command",
  "arguments": {"cmd": "rm -rf /"},
  "decision": "deny",
  "reason": "tool not in allowed_tools"
}
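
To triage denials across a whole audit log rather than reading entries one by one, the following added example (not part of AIP or its documentation) groups denied calls by agent, tool and reason. It assumes every record uses the field names shown in the entry above; the sample lines, the "allow" decision value and the truncated last record are constructed for illustration.

```python
import json
import sys

# Constructed sample (not real output). Field names follow the example entry
# above; the "allow" value and the truncated last line are assumptions.
SAMPLE = [
    '{"timestamp": "2026-03-03T16:32:00Z", "agent_id": "agent-abc123", "tool": "exec_command", "arguments": {"cmd": "rm -rf /"}, "decision": "deny", "reason": "tool not in allowed_tools"}',
    '{"timestamp": "2026-03-03T16:32:05Z", "agent_id": "agent-abc123", "tool": "read_file", "arguments": {}, "decision": "allow", "reason": ""}',
    '{"timestamp": "2026-03-03T16:34:10Z", "agent_id": "agent-abc123", "tool": "exec_command", "arguments": {"cmd": "rm -rf /"}, "decision": "deny", "reason": "tool not in allowed_tools"}',
    '{"timestamp": "2026-03-03T16:35:00Z", "agent_id": "agent-abc123", "tool": "wri',
]


def summarize_denials(lines):
    """Group denied calls by (agent_id, tool, reason).

    Returns (summary, bad_lines): summary maps each key to its count and
    first/last timestamp; bad_lines lists 1-based numbers of lines that
    are not JSON objects (for example a record still being written).
    """
    summary, bad_lines = {}, []
    for lineno, raw in enumerate(lines, start=1):
        if not raw.strip():
            continue
        try:
            entry = json.loads(raw)
        except json.JSONDecodeError:
            bad_lines.append(lineno)
            continue
        if not isinstance(entry, dict):
            bad_lines.append(lineno)
            continue
        if entry.get("decision") != "deny":
            continue
        key = (entry.get("agent_id"), entry.get("tool"), entry.get("reason"))
        ts = entry.get("timestamp", "")
        row = summary.setdefault(key, {"count": 0, "first": ts, "last": ts})
        row["count"] += 1
        # ISO-8601 UTC timestamps in one format compare correctly as strings.
        row["first"], row["last"] = min(row["first"], ts), max(row["last"], ts)
    return summary, bad_lines


if __name__ == "__main__":
    # Pass the audit log path as the first argument; without one, use SAMPLE.
    lines = open(sys.argv[1], encoding="utf-8") if len(sys.argv) > 1 else SAMPLE
    summary, bad = summarize_denials(lines)
    for (agent, tool, reason), row in sorted(summary.items(), key=lambda kv: -kv[1]["count"]):
        print(f'{row["count"]:>5}  {agent}  {tool}  {reason}  {row["first"]} .. {row["last"]}')
    if bad:
        print(f"unparseable lines: {bad}", file=sys.stderr)
```

Repeated denials of the same tool from one agent in a short window are worth reviewing against the policy: either the agent is being steered toward a blocked action or the policy is missing a tool the workflow needs.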

System Requirements

Performance

  • Memory: 10-20 MB per proxy instance
  • CPU: Minimal (less than 1% idle)
  • Disk: Audit logs grow at approximately 1 KB per request

Supported Platforms

  • Linux: All distributions (amd64, arm64)
  • macOS: 10.15+ (Intel and Apple Silicon)
  • Windows: Windows 10+ (experimental)

Troubleshooting

If you see validation errors on startup:
# Validate your policy file
aip --validate-policy ./agent.yaml
Common issues:
  • Invalid YAML syntax
  • Unknown fields in spec
  • Regex compilation errors in allow_args
If the proxy can’t connect to your MCP server:
  • Verify the target command works standalone: python mcp_server.py
  • Check stdio/stderr output for errors
  • Ensure the MCP server implements the protocol correctly
For action: ask to work:
  • macOS: Requires terminal to have accessibility permissions
  • Linux: Requires zenity or kdialog installed
  • Windows: Not yet supported

Next Steps

Writing Policies

Learn to write comprehensive agent policies

DLP Configuration

Configure data loss prevention scanning

Deployment

Deploy AIP in production environments

Audit Logging

Set up compliance-ready audit trails
