product

The governance layer your AI agents don't have

Agents discover and call tools. Neurelay adds what's missing — identity, policy, enforcement, and audit. The same pattern API gateways brought to REST.

Same agent. Same MCP servers. Access controlled entirely by policy.

direct mcp — no governance

27 tools

Agent connects directly to CRM + Billing servers.

Sees everything. Including:

✗ issue_refund

✗ cancel_subscription

✗ deactivate_customer

✗ export_customer_data

✗ merge_customers

✗ void_invoice

Prompt injection = full damage.

via neurelay — read-only policy

10 tools

Agent connects via Neurelay with policy.

Only sees what's granted:

✓ get_customer

✓ search_customers

✓ get_invoice

✓ get_subscription

✓ get_payment_history

+ 5 more read-only

Destructive tools don't exist in agent's world.

via neurelay — no policy

0 tools

API key exists but no policy attached.

Agent discovers nothing.

✗ (empty)

Fail-closed by design. Most systems fail open. Neurelay doesn't.

Direct MCP — 27 tools exposed Via Neurelay — 10 tools filtered No policy — zero tools

How it fits

Your agents connect to Neurelay instead of directly to tool servers. Neurelay connects to the servers on their behalf — scoped by policy.

AI Agent
│ API Key + Policy
Neurelay Gateway
Discovery filtering · Policy enforcement · Audit logging
CRM
14 tools
Billing
14 tools
Clinical
13 tools
GitHub
41 tools
109 tools across 6 MCP servers · Agent sees only what policy allows

What you control

blueprints

Tool server registry

Register your MCP servers as blueprints. Each blueprint captures the server's tools, connection configuration, authentication, and metadata. Import from a URL, Claude Desktop config, or JSON.

  • · Auto-sync tools from connected servers
  • · CRM, Billing, HR, Clinical Trials, Compliance, GitHub — any domain
  • · A2A agent protocol support coming soon
7 MCP blueprints registered across domains
Blueprint catalogue — 7 servers across CRM, Billing, HR, Clinical, Compliance, Slack, GitHub
 Import blueprint from URL or JSON
Import — paste an MCP server URL, Claude Desktop config, or full blueprint JSON
 Choose blueprint type — Tool or Agent
Blueprint types — MCP Tool servers today, A2A Agent support coming soon

connections

Full MCP spec with stage & production

Each blueprint stores transport type, base URL, authentication, and configuration schema. Create staging and production connections from the same blueprint. Credentials stay in the gateway — agents never hold backend secrets.

  • · Streamable HTTP and SSE transports
  • · Separate connections per environment
  • · Tools sync per connection
CRM blueprint detail
Blueprint detail — metadata, transport, authentication, user configuration schema
 6 connections across staging and production
Connections — production and staging instances, status monitoring, tool sync

policies

Fine-grained access control

Policies define which tools a credential can access. Pick from the full tool catalogue — everything not selected is invisible to the agent. Default deny.

  • · Select tools across multiple MCP servers in one policy
  • · Agents only discover what the policy allows
  • · Instant policy updates — no agent restart
Policy editor — available tools on left, issue_refund highlighted
Policy editor — all available tools on the left, selected policy tools on the right
 Policy with read-only tools selected from CRM and Billing
Read-only policy — safe tools selected, destructive tools like issue_refund left out
 Policies list — Support Agent 15 tools, Code Review 30 tools
Policies — each scopes access differently. Support Agent: 15 tools. Code Review: 30 tools.

api keys

One key, one policy, one endpoint

Each agent gets an API key linked to a policy. The agent connects to Neurelay's MCP endpoint — not to individual servers. One key is the entire access boundary.

  • · Assign policies to API keys from a dropdown
  • · Expiration controls
  • · Revoke instantly — kill switch
Create API key dialog
Create API key — name, expiration, linked to a policy
 Assign policy to API key
Policy assignment — dropdown links key to a specific policy
 API keys with linked policies
API keys — each key linked to a policy, status and last used tracking

audit

Full trail & kill switch

Every action logged — policy created, key attached, tools synced, access revoked. Who did what, when, and why. The trail your compliance team needs.

  • · Compliance-ready audit trail
  • · Instant revocation — one click, no agent reconfiguration
  • · Incident response with full history
Audit log with events, actors, policies, timestamps
Audit log — every action tracked with actor, policy reference, and timestamp

discovery

Smarter tool discovery

Every tool in the discovery response costs tokens and increases the chance the agent picks the wrong one. We call this the hallucination tax — more tools, worse decisions. Neurelay cuts it at three levels.

  • · Policy filtering — agents only see authorised tools, not the full catalogue
  • · Description tuning — edit tool descriptions from the dashboard, no redeploy
  • · Fewer tools in context = fewer tokens = better selection = fewer failed calls
Full tool catalogue — 14 CRM tools including destructive operations like deactivate_customer and merge_customers
Full tool catalogue — every tool visible, including destructive operations. Without policy filtering, an agent sees all of these.

Ready to govern your agent tools?

Get early access to the platform.

Get early access