MCP budget enforcement tool
MCP Tool Cost Policy Generator
Generate request-path policy for MCP tools: per-tool prices, session budgets, expensive-tool caps, denial rules, revocation behavior, and audit trails before agents execute paid work.
Generated MCP policy
mcp_policy: cursor_github-tools
client: cursor
mcp_server: github-tools
mode: control
risk_profile: medium
budget:
per_session: 8.00 USD
per_tool_call_default: 0.25 USD
expensive_tool_cap: 2.00 USD
tools:
repo_search:
decision: allow
estimated_cost: 0.13 USD
issue_create:
decision: allow
estimated_cost: 0.25 USD
browser_search:
decision: budget_required
max_cost: 2.00 USD
deploy_prod:
decision: deny
controls:
on_session_budget_exhausted: block
on_tool_cost_unknown: require_budget_and_audit
on_loop_detected: block_and_revoke_session
on_sensitive_tool: require_explicit_policy
audit:
include:
- tenant
- agent
- client
- mcp_server
- tool
- estimated_cost
- remaining_budget
- policy_decision
- outcomeShow JSON version
{
"mcp_policy": "cursor_github-tools",
"client": "cursor",
"mcp_server": "github-tools",
"mode": "control",
"risk_profile": "medium",
"budget": {
"per_session_usd": 8,
"per_tool_call_default_usd": 0.25,
"expensive_tool_cap_usd": 2
},
"tools": {
"repo_search": {
"decision": "allow",
"estimated_cost_usd": 0.13
},
"issue_create": {
"decision": "allow",
"estimated_cost_usd": 0.25
},
"browser_search": {
"decision": "budget_required",
"max_cost_usd": 2
},
"deploy_prod": {
"decision": "deny"
}
},
"controls": {
"on_session_budget_exhausted": "block",
"on_tool_cost_unknown": "require_budget_and_audit",
"on_loop_detected": "block_and_revoke_session",
"on_sensitive_tool": "require_explicit_policy"
}
}What the policy should control
Per-tool economics
Attach cost to searches, browser sessions, cloud tasks, code agents, and paid APIs.
Risk actions
Block, route, revoke, or require explicit policy when unknown or sensitive tools appear.
Audit evidence
Record agent, MCP server, tool, cost, remaining budget, policy decision, and outcome.
Server unchanged
Wrap governance around existing MCP servers without rewriting every tool implementation.
MCP makes tools easy. SatGate makes them governable.
Route MCP traffic through SatGate to observe, control, and audit tool spend before autonomous agents trigger paid or risky work.