Shepgate
AI governance gateway that sits between AI agents (Claude Desktop, Windsurf, etc.) and external tools (GitHub, databases, APIs).
Installation
npx shepgateAsk AI about Shepgate
Powered by Claude Β· Grounded in docs
I know everything about Shepgate. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
ShepGate
The safe front door for AI tools.
Demo β’ Quick Start β’ Features β’ Pricing β’ Roadmap
What is ShepGate?
ShepGate is an AI governance gateway that sits between AI agents (Claude Desktop, Windsurf, etc.) and external tools (GitHub, databases, APIs). It gives you:
- π Policy Control β Define what AI can do: allow, require approval, or block
- β Approval Workflows β Review risky actions before they execute
- π Activity Logging β Complete audit trail of every AI action
- π Secrets Management β Encrypted credential storage (AES-256-GCM)
- π MCP Integration β Works with any Model Context Protocol host
The Problem
AI agents are powerful, but giving them unrestricted access to your tools is risky:
- What if Claude accidentally deletes a production database?
- How do you know what actions your AI assistant took?
- How do you share API keys without exposing them?
The Solution
ShepGate acts as a policy layer between AI and your systems:
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β Claude ββββββΆβ ShepGate ββββββΆβ GitHub β
β Desktop β β (Gateway) β β Slack β
β βββββββ βββββββ Database β
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β
ββββββββ΄βββββββ
β Dashboard β
β - Policies β
β - Approvalsβ
β - Logs β
βββββββββββββββ
Demo
https://github.com/user-attachments/assets/placeholder-demo-video
Coming Soon: Live demo video showing Claude Desktop β ShepGate β GitHub flow
Features
β Working in MVP
| Feature | Description |
|---|---|
| Policy Engine | Three-tier risk levels: safe (auto-execute), needs_approval (human review), blocked (always deny) |
| Approval Workflow | Pending actions queue with approve/deny from web dashboard |
| Activity Logging | Every tool call logged with agent, arguments, result, timestamp |
| Secrets Vault | AES-256-GCM encrypted storage for API keys and tokens |
| MCP Host | Stdio-based MCP server for Claude Desktop integration |
| Web Dashboard | Manage servers, tools, agents, and approvals |
π§ Roadmap
| Feature | Status | Target |
|---|---|---|
| Multi-user auth | Planned | v0.2 |
| Team workspaces | Planned | v0.2 |
| VS Code extension | Planned | v0.3 |
| Hosted cloud version | Planned | v0.4 |
| Billing & usage limits | Planned | v0.4 |
Quick Start
Prerequisites
1. Clone and Install
git clone https://github.com/golden-sheep-ai/shepgate.git
cd shepgate
pnpm install
2. Configure Environment
cp .env.example .env
Edit .env with your database URL:
DATABASE_URL="postgresql://user:pass@localhost:5432/shepgate"
ENCRYPTION_KEY="your-32-byte-hex-key"
MVP Note: No authentication required. The dashboard is open access to reduce friction.
3. Setup Database
# Run migrations
pnpm db:migrate
# (Optional) Seed with test data
pnpm db:seed
4. Start the Dashboard
pnpm dev
Open http://localhost:3000 β you'll land directly on the dashboard!
5. Connect Claude Desktop
Add to your Claude Desktop config (%APPDATA%\Claude\claude_desktop_config.json on Windows):
{
"mcpServers": {
"shepgate": {
"command": "cmd",
"args": ["/c", "path\\to\\shepgate\\scripts\\claude-launcher.bat"]
}
}
}
Restart Claude Desktop. You should see ShepGate's tools available!
Architecture
shepgate/
βββ src/
β βββ app/ # Next.js App Router
β β βββ api/ # REST API routes
β β βββ (dashboard)/ # Dashboard pages
β β βββ login/ # Auth pages
β βββ components/ # React components
β βββ lib/ # Core logic
β βββ policy.ts # Policy engine
β βββ execution.ts # Tool execution
β βββ secrets.ts # Encryption
β βββ mcp-client.ts # MCP SDK wrapper
βββ scripts/
β βββ mcp-host.ts # MCP host for Claude
βββ prisma/
β βββ schema.prisma # Database schema
βββ .specify/ # Spec-driven docs
Pricing
ShepGate uses a freemium model designed for non-technical founders.
| Tier | Price | Agents | Servers | Best For |
|---|---|---|---|---|
| Free | $0/mo | 1 | 2 | Solo founders testing |
| Pro | $19/mo | 5 | 10 | Serious builders |
| Scale | $49/mo | 20 | Unlimited | Growing teams |
MVP Note: v0.1 is free with no limits. Pricing tiers coming in v0.2.
See Business Model for full details.
Tech Stack
| Layer | Technology |
|---|---|
| Runtime | Node.js 22 LTS |
| Language | TypeScript 5 |
| Framework | Next.js 16 (App Router) |
| Database | PostgreSQL |
| ORM | Prisma |
| MCP SDK | @modelcontextprotocol/sdk |
| Auth | None (MVP is open access) |
| Encryption | AES-256-GCM via Node.js crypto |
Documentation
- Getting Started Guide β Full setup walkthrough
- Claude Desktop Integration β Detailed Claude setup
- API Reference β REST API documentation
- Policy Configuration β How to configure risk levels
Contributing
We welcome contributions! Please see CONTRIBUTING.md for guidelines.
# Run tests
pnpm test
# Run linter
pnpm lint
# Type check
pnpm type-check
License
MIT License β see LICENSE for details.
About
Built by Golden Sheep AI β Making AI agents safer for everyone.
ShepGate is part of the Golden Sheep AI ecosystem:
- ShepGate β AI governance gateway (this project)
- ShepLang β Natural language spec compiler
- ShepLight β Lightweight AI observability
- ShepVerify - Your Code Quality at a Glance
β Star us on GitHub if you find this useful!