Agent security becomes real when it reaches the places agents already act: MCP servers, CI jobs, automation workflows, chat approvals, ITSM tickets, and compliance evidence systems. ActPass should not replace those platforms. It should sit at the action boundary and make each risky step prove it is allowed.
1. MCP servers: scan, baseline, proxy
MCP is the fastest path to useful agent power and the fastest path to accidental blast radius. Start by scanning the agent's MCP config, committing a baseline, and routing risky servers through the ActPass proxy.
```shell
npm run actpass -- scan --mcp mcp.json --format markdown --out actpass-scan.md
npm run actpass -- scan --mcp mcp.json --format json --out actpass.lock
```

Then route a risky server through the proxy from the agent's MCP client config, so the agent talks to ActPass and ActPass talks to the server:

```toml
[mcp_servers.guarded-server]
command = "actpass"
args = ["mcp", "proxy", "--config", "actpass.gateway.json"]
env = { ACTPASS_GATEWAY_KEY = "<gateway-key>" }
```

Monitor first. Enforce only after the allow, deny, and approval paths have each been exercised through the proxy.
2. GitHub Actions: make tool drift reviewable
Agent tool changes should be reviewed like any other security-relevant code change. Run the ActPass scan action on pull requests and fail the check when the scan reports high-risk drift against the committed baseline.
```yaml
- uses: actpass/scan-action@v1
  with:
    mcp-config: mcp.json
    fail-on: high
  env:
    GITHUB_TOKEN: ${{ github.token }}
```

3. n8n: put preflight before risky nodes
n8n workflows are where agentic automation becomes operational. Add an ActPass Preflight Action before nodes that can run commands, call payments, mutate CRM data, update tickets, or send external messages.
Allow path:    Preflight Action -> risky workflow node -> Record Evidence

Approval path: Require Approval -> Wait for Approval -> risky workflow node

4. Slack and Teams: approve where reviewers already are
If a policy returns require_approval, send the approval request to Slack or Teams. The card is a review surface, not the source of truth. The callback must first verify that the request really came from the platform (Slack's request signature, or the Bot Framework token for Teams), then decide the ActPass approval by its id; nothing else carried on the card is trusted.
5. ServiceNow: move production change into ITSM
For enterprise and regulated teams, risky agent actions often need change-management workflow. Map ActPass approvals to ServiceNow change requests, store the ActPass evidence id on the ticket, and send the approved or rejected state back to ActPass.
6. Vanta and Drata: export proof, not screenshots
Compliance buyers do not need another policy screenshot. They need evidence that the control operated: policy decision, protected action, reviewer, timestamp, drift result, and failed-closed events. Export that shape to Vanta or Drata.
Oracle belongs on the future roadmap
Oracle agent security is worth planning, especially for financial operations, HR, procurement, analytics, and OCI-hosted automation. But it should come after a design partner confirms the exact Oracle surface: Fusion ERP/HCM/SCM, Oracle Integration Cloud, database agents, or OCI agent workflows.
The first Oracle milestone should be a threat model and integration design, not a broad connector build.
The rollout order
- One fintech or financial-services design partner.
- One high-risk MCP or n8n workflow.
- Slack or Teams approval.
- GitHub Action drift gate.
- Vanta or Drata evidence export.
- ServiceNow bridge for enterprise change management.
- Oracle only after real buyer pull.
That order keeps the product close to the runtime risk and away from integration sprawl. The shortest path to trust is one protected action with one clear receipt.