How to integrate AIP with your development environment and AI tools.
Cursor natively supports MCP servers. AIP wraps your MCP servers with policy enforcement.
1. Build AIP:

   ```bash
   cd proxy
   make build
   ```

2. Create a policy (`~/.config/aip/my-policy.yaml`):

   ```yaml
   apiVersion: aip.io/v1alpha1
   kind: AgentPolicy
   metadata:
     name: cursor-policy
   spec:
     mode: enforce
     allowed_tools:
       - read_file
       - list_directory
       - search_files
     tool_rules:
       - tool: write_file
         action: ask  # Prompt for approval
       - tool: exec_command
         action: block
   ```

3. Generate Cursor config:

   ```bash
   ./bin/aip --generate-cursor-config \
     --policy ~/.config/aip/my-policy.yaml \
     --target "npx @modelcontextprotocol/server-filesystem /path/to/workspace"
   ```

4. Add to Cursor settings (`~/.cursor/mcp.json`):

   ```json
   {
     "mcpServers": {
       "protected-filesystem": {
         "command": "/path/to/aip",
         "args": [
           "--policy", "/Users/you/.config/aip/my-policy.yaml",
           "--target", "npx @modelcontextprotocol/server-filesystem /path/to/workspace"
         ]
       }
     }
   }
   ```

5. Restart Cursor to load the new MCP server.

For your Kubernetes GPU MCP server:

```yaml
# gpu-policy.yaml
apiVersion: aip.io/v1alpha1
kind: AgentPolicy
metadata:
  name: k8s-gpu-policy
spec:
  mode: enforce
  allowed_tools:
    - list_gpus
    - get_gpu_metrics
    - list_pods
  tool_rules:
    - tool: list_gpus
      rate_limit: "10/minute"
    - tool: run_training
      action: ask
    - tool: delete_pod
      action: block
```

Generate config:

```bash
./bin/aip --generate-cursor-config \
  --policy ./gpu-policy.yaml \
  --target "/path/to/k8s-gpu-mcp-server"
```

1. Ask Cursor: "List my GPUs."
   - Tool: `list_gpus`
   - Policy: Allowed with rate limit
   - Result: ✅ Success

2. Ask Cursor: "Run a training job on GPU 0."
   - Tool: `run_training`
   - Policy: `action: ask`
   - Result: 🔔 Popup appears
   - Click "Deny" → ❌ "User Denied"

VS Code doesn't have native MCP support, but you can use AIP with extensions like Continue or Cody.

1. Install the Continue extension.

2. Configure Continue to use your MCP server via AIP:

   ```json
   // ~/.continue/config.json
   {
     "models": [...],
     "mcpServers": {
       "protected-server": {
         "command": "/path/to/aip",
         "args": [
           "--policy", "/path/to/policy.yaml",
           "--target", "your-mcp-server-command"
         ]
       }
     }
   }
   ```

Claude Desktop supports MCP servers through its configuration.

1. Locate config file:
   - macOS: `~/Library/Application Support/Claude/claude_desktop_config.json`
   - Windows: `%APPDATA%\Claude\claude_desktop_config.json`

2. Add AIP-wrapped server:

   ```json
   {
     "mcpServers": {
       "protected-tools": {
         "command": "/path/to/aip",
         "args": [
           "--policy", "/path/to/policy.yaml",
           "--target", "npx @modelcontextprotocol/server-filesystem /"
         ]
       }
     }
   }
   ```

3. Restart Claude Desktop.

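
The Cursor, Continue and Claude Desktop files above share one `mcpServers` shape, so a single check can confirm that no server is launched without the proxy. The script below is an added example, not part of AIP. It assumes the proxy binary is named `aip` (or `aip.exe`) and that a wrapped entry carries both `--policy` and `--target`, as every example on this page does; the sample config is constructed.

```python
import json
import os

# Constructed sample in the shape of the mcp.json files above. The
# "raw-filesystem" and "relative-policy" entries are hypothetical mistakes.
SAMPLE_CONFIG = """
{"mcpServers": {
  "protected-filesystem": {"command": "/usr/local/bin/aip", "args": [
    "--policy", "/Users/you/.config/aip/my-policy.yaml",
    "--target", "npx @modelcontextprotocol/server-filesystem /path/to/workspace"]},
  "raw-filesystem": {"command": "npx", "args": [
    "@modelcontextprotocol/server-filesystem", "/"]},
  "relative-policy": {"command": "/usr/local/bin/aip", "args": [
    "--policy", "policy.yaml", "--target", "python my_server.py"]}
}}
"""

def flag_value(args, flag):
    """Return the argument that follows `flag`, or None if it is absent."""
    for i, arg in enumerate(args[:-1]):
        if arg == flag:
            return args[i + 1]
    return None

def audit_mcp_config(text, aip_names=("aip", "aip.exe")):
    """Map each server name to its findings; fully wrapped servers are omitted."""
    findings = {}
    for name, entry in json.loads(text).get("mcpServers", {}).items():
        args = entry.get("args", [])
        issues = []
        if os.path.basename(entry.get("command", "")) not in aip_names:
            # The client launches this server directly, so no policy applies.
            issues.append("not wrapped by AIP")
        else:
            policy = flag_value(args, "--policy")
            if policy is None:
                issues.append("missing --policy")
            elif not os.path.isabs(policy):
                # Relative paths depend on the client's working directory.
                issues.append("policy path is not absolute")
            if flag_value(args, "--target") is None:
                issues.append("missing --target")
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    for server, issues in audit_mcp_config(SAMPLE_CONFIG).items():
        print(f"{server}: {', '.join(issues)}")
```

A path that starts with `~` is also reported, because `os.path.isabs` does not treat it as absolute and only a shell would expand it.
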
Run AIP directly to wrap any MCP server:

```bash
# Basic usage
./aip --target "python my_server.py" --policy policy.yaml

# Verbose mode for debugging
./aip --target "npx @mcp/server" --policy policy.yaml --verbose

# Monitor mode (dry run)
./aip --target "docker run mcp/server" --policy monitor-policy.yaml
```

Test with manual JSON-RPC:

```bash
echo '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"list_files"},"id":1}' | \
  ./aip --target "python echo_server.py" --policy policy.yaml --verbose
```

```bash
# All events
cat aip-audit.jsonl | jq '.'

# Blocked requests only
cat aip-audit.jsonl | jq 'select(.decision == "BLOCK")'

# Tool usage summary
cat aip-audit.jsonl | jq -r '.tool' | sort | uniq -c | sort -rn
```

```dockerfile
# Dockerfile
FROM golang:1.23-alpine AS builder
WORKDIR /app
COPY implementations/go-proxy/ .
RUN go build -o /aip ./cmd/aip-proxy

FROM alpine:latest
RUN apk --no-cache add ca-certificates
COPY --from=builder /aip /usr/local/bin/aip
ENTRYPOINT ["aip"]
```

Build:

```bash
docker build -t aip:latest .
```

```bash
# Mount policy and run
docker run -v $(pwd)/policy.yaml:/policy.yaml \
  aip:latest \
  --policy /policy.yaml \
  --target "your-mcp-command"
```

```yaml
# docker-compose.yaml
version: '3.8'
services:
  mcp-proxy:
    image: aip:latest
    volumes:
      - ./policy.yaml:/policy.yaml:ro
      - ./audit:/var/log/aip
    command:
      - --policy
      - /policy.yaml
      - --target
      - "python /app/server.py"
      - --audit
      - /var/log/aip/audit.jsonl
    stdin_open: true
    tty: true
```

Deploy AIP as a sidecar container alongside your MCP server:

```yaml
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mcp-server
spec:
  # apps/v1 requires a selector that matches the pod template labels
  selector:
    matchLabels:
      app: mcp-server
  template:
    metadata:
      labels:
        app: mcp-server
    spec:
      containers:
        # Main MCP server
        - name: mcp-server
          image: your-mcp-server:latest
          # Server listens on stdio or a socket
        # AIP sidecar
        - name: aip-proxy
          image: aip:latest
          args:
            - --policy
            - /config/policy.yaml
            - --target
            - "nc localhost 8080"  # Connect to main server
            - --audit
            - /var/log/aip/audit.jsonl
          volumeMounts:
            - name: policy
              mountPath: /config
            - name: audit
              mountPath: /var/log/aip
      volumes:
        - name: policy
          configMap:
            name: aip-policy
        - name: audit
          emptyDir: {}
```

```yaml
# configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: aip-policy
data:
  policy.yaml: |
    apiVersion: aip.io/v1alpha1
    kind: AgentPolicy
    metadata:
      name: k8s-policy
    spec:
      mode: enforce
      allowed_tools:
        - list_pods
        - get_logs
      tool_rules:
        - tool: delete_pod
          action: block
```

A Helm chart is planned for easier Kubernetes deployment. Track progress in GitHub Issues.

| Issue | Solution |
|---|---|
| "Policy file not found" | Use absolute path to policy.yaml |
| "Empty response from server" | Check target command is correct |
| "Permission denied" | Ensure aip binary is executable |
| "Headless environment" | action: ask will auto-deny without display |
Enable verbose logging to diagnose issues:

```bash
./aip --target "..." --policy policy.yaml --verbose 2>debug.log
```

Check `debug.log` for detailed message flow.

```bash
# Recent blocked requests
tail -100 aip-audit.jsonl | jq 'select(.decision == "BLOCK")'

# DLP events
jq 'select(.event_type == "DLP_TRIGGERED")' aip-audit.jsonl
```
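
The `jq` filters above stop with a parse error when the log ends in a half-written line, and they do not show which tools are being blocked repeatedly. The script below is an added example, not part of AIP, that tallies the same fields and tolerates malformed lines. Only the `decision`, `tool` and `event_type` keys come from the queries on this page; the other values in the constructed sample, and the presence of `tool` on DLP events, are assumptions.

```python
import json
from collections import Counter

# Constructed sample lines. The "ALLOW" decision, the "TOOL_CALL" event type
# and the truncated final line are assumptions made for illustration; only
# "BLOCK" and "DLP_TRIGGERED" appear in the jq queries on this page.
SAMPLE_LOG = """\
{"event_type": "TOOL_CALL", "tool": "list_gpus", "decision": "ALLOW"}
{"event_type": "TOOL_CALL", "tool": "delete_pod", "decision": "BLOCK"}
{"event_type": "TOOL_CALL", "tool": "delete_pod", "decision": "BLOCK"}
{"event_type": "DLP_TRIGGERED", "tool": "get_logs"}
{"event_type": "TOOL_CALL", "tool": "delete_pod", "decision": "BLOCK"}
{"event_type": "TOOL_CALL", "tool": "exec_command", "decision": "BLOCK"}
{"event_type": "TOOL_CALL", "tool": "list_p
"""

def summarize_audit(lines, repeat_threshold=3):
    """Count BLOCK and DLP events per tool and flag tools blocked repeatedly."""
    blocked, dlp, malformed = Counter(), Counter(), 0
    for line in lines:
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            event = None
        if not isinstance(event, dict):
            # Truncated or non-object line: count it and keep going.
            malformed += 1
            continue
        tool = event.get("tool", "<unknown>")
        if event.get("decision") == "BLOCK":
            blocked[tool] += 1
        if event.get("event_type") == "DLP_TRIGGERED":
            dlp[tool] += 1
    return {
        "blocked": dict(blocked),
        "dlp": dict(dlp),
        "repeated_blocks": sorted(t for t, n in blocked.items() if n >= repeat_threshold),
        "malformed": malformed,
    }

if __name__ == "__main__":
    print(json.dumps(summarize_audit(SAMPLE_LOG.splitlines()), indent=2))
```

To run it on a real log, pass the open file object: `summarize_audit(open("aip-audit.jsonl"))`.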