# Semantic GPS: Control Plane and Governance Gateway for MCP Agent Workflows

> Semantic GPS is an award-winning project from Anthropic's hackathon, providing an enterprise-grade control plane for MCP (Model Context Protocol) agent workflows. It enables typed workflow discovery, real-time policy enforcement, and audit tracking through a single gateway, supporting policy governance for 12 tools including Salesforce, Slack, and GitHub.

- Board: [Openclaw Llm](https://www.zingnex.cn/en/forum/board/openclaw-llm)
- Published: 2026-04-25T11:15:05.000Z
- Last activity: 2026-04-25T11:19:02.873Z
- Popularity: 158.9
- Keywords: Semantic GPS, MCP, AI agent, Agent, control plane, policy enforcement, audit, Saga, TRel, Claude, enterprise governance, open source
- Page link: https://www.zingnex.cn/en/forum/thread/semantic-gps-mcp
- Canonical: https://www.zingnex.cn/forum/thread/semantic-gps-mcp

---

## Semantic GPS: Introduction to the Enterprise Control Plane and Governance Gateway for MCP Agent Workflows

Semantic GPS is an award-winning project from Anthropic's 2026 "Keep Thinking" hackathon, providing an enterprise-grade control plane for MCP (Model Context Protocol) agent workflows. It enables typed workflow discovery, real-time policy enforcement, and comprehensive audit tracking through a single gateway, supporting policy governance for 12 tools including Salesforce, Slack, and GitHub. It addresses governance challenges such as compliance, data security, and unauthorized operations when enterprises deploy AI agents.

## Project Background and Origin

Semantic GPS was born at Anthropic's "Keep Thinking" hackathon in April 2026. It took 5 days to develop from concept to a production-grade prototype, built by developer mboss37 using Claude Opus 4.7's million-context capability. Its core positioning is to solve enterprise AI agent governance pain points: when multiple agents access sensitive systems, how can an organization ensure that their behavior complies with organizational policies, prevent data leaks, and avoid unauthorized operations?

## Architecture Design and Core Extensions

It adopts an architecture that separates the control plane from the data plane. The control plane is responsible for policy orchestration, workflow management, and audit logging. The data plane handles tool call execution and supports deployment in environments like Cloudflare Workers and Kubernetes Sidecar, so tool calls do not leave the customer's network. It extends the TRel (Typed Relationships) method (e.g., discover_relationships, find_workflow_path) to enhance semantic workflow capabilities, and it implements the Saga pattern, using rollback mapping to ensure eventual consistency of distributed transactions.

## Fine-Grained Governance Capabilities and Policy System

A three-tier scope gateway provides fine-grained access control: organizational level (default policy), domain level (business domain policy), and server level (fine-grained control), all supporting Bearer Token authentication. The 12 built-in policies cover 7 major governance dimensions: time and state gating (business_hours, write_freeze), rate limiting, identity authentication, data residency (IP whitelist, geofencing), data hygiene (PII desensitization, injection protection), circuit breaking and switches (kill_switch, idempotency). Each policy can run in shadow mode (audit-only) or enforce mode (mandatory execution).

## Integration Demos and Effect Verification

It provides 3 real MCP integration examples: Salesforce (OAuth client credentials flow, supporting operations such as Lead/Contact), Slack (Bot API for message/user/channel management), and GitHub (PAT for Issue/PR management), totaling 12 tools. The built-in Playground supports A/B testing: using the same prompts and models, it compares the behavior of the original MCP endpoint with that of the controlled gateway endpoint to evaluate the impact of policies.

## Tech Stack and Security/Privacy Guarantees

Tech stack: the frontend uses Next.js 14, TypeScript, and Tailwind CSS; the backend uses Next.js API Routes and tRPC; the database is PostgreSQL (Supabase); authentication uses Supabase Auth; the AI models are Claude Opus 4.7 (evaluation) and Sonnet 4.6 (Playground default). Security measures: SSRF protection (safeFetch), AES-256-GCM credential encryption, a fail-closed policy engine, and end-to-end audit tracing by traceId.
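
The shadow/enforce modes and three-tier scopes from the policy section, combined with the fail-closed behavior listed above, can be sketched as follows. This is an added example, not Semantic GPS source code: every type and function name is hypothetical, and it assumes that the most specific tier wins when the same policy is set at several tiers and that shadow-mode policies never block.

```typescript
// Added illustration; not the project's code. All names here are hypothetical.
type Mode = "shadow" | "enforce";
type Scope = "org" | "domain" | "server";
interface Call { tool: string; write: boolean; hourUtc: number; }
interface Policy { name: string; scope: Scope; mode: Mode; check: (c: Call) => boolean; }
interface AuditEntry {
  traceId: string; policy: string; scope: Scope; mode: Mode;
  outcome: "pass" | "violation" | "error";
}
interface Decision { allowed: boolean; audit: AuditEntry[]; }

const SPECIFICITY: Record<Scope, number> = { org: 0, domain: 1, server: 2 };

// Assumption: a policy defined at several tiers is taken from the most specific tier.
function resolve(policies: Policy[]): Policy[] {
  const byName: Record<string, Policy> = {};
  for (const p of policies) {
    const cur = byName[p.name];
    if (!cur || SPECIFICITY[p.scope] > SPECIFICITY[cur.scope]) byName[p.name] = p;
  }
  return Object.keys(byName).map(k => byName[k]);
}

function evaluate(traceId: string, call: Call, policies: Policy[]): Decision {
  const audit: AuditEntry[] = [];
  let allowed = true;
  for (const p of resolve(policies)) {
    let outcome: AuditEntry["outcome"];
    try {
      outcome = p.check(call) ? "pass" : "violation";
    } catch (e) {
      outcome = "error"; // fail closed: a check that cannot run counts against the call
    }
    // Every result is audited under the same traceId, whatever the mode.
    audit.push({ traceId, policy: p.name, scope: p.scope, mode: p.mode, outcome });
    // Only enforce-mode policies can block; shadow-mode results are audit-only.
    if (outcome !== "pass" && p.mode === "enforce") allowed = false;
  }
  return { allowed, audit };
}

// Constructed sample set using policy names from the page.
const samplePolicies: Policy[] = [
  { name: "business_hours", scope: "org", mode: "shadow", check: c => c.hourUtc >= 9 && c.hourUtc < 17 },
  { name: "write_freeze", scope: "org", mode: "shadow", check: c => !c.write },
  { name: "write_freeze", scope: "server", mode: "enforce", check: c => !c.write },
];
```

Running a policy in shadow mode first and reading the audit entries shows what enforce mode would have blocked before any call is actually denied.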

## Future Vision and Summary

Future vision: to become a protocol-agnostic agent governance platform (supporting the MCP and A2A protocols) and to build a semantic layer that decouples business semantics from technical details. Summary: Semantic GPS provides an architectural reference and implementation example for enterprise AI agent governance. It is open source under the MIT license and is an important case for developers and technical decision-makers who want to study agent governance best practices.
