// self-hosted · governance · distribution
The AI platform team, productized.
Meshum governs and distributes MCP servers, skills, and agents across your organization — one self-hosted control plane, full visibility, tool-level permissions.
The problem
AI tooling grew faster than anyone's ability to govern it
Every team picked its own MCP servers, wired up its own skills, and gave agents whatever access got the job done fastest. Nobody has a single answer to "what can our AI tools actually touch?"
No inventory
Nobody can list every MCP server running across the org, let alone who approved it.
All-or-nothing access
Approving a server usually means approving every tool it exposes, including the destructive ones.
No audit trail
When something goes wrong, there's no log of which tool ran, on whose behalf, with what result.
Copy-pasted skills
Useful agents and skills spread by Slack message and gist link, not by anything you can version or revoke.
How it works
One control plane. Three jobs.
Governance
Tool-level permissions, not all-or-nothing access
Decide exactly which MCP servers your organization runs, and which tools within each server people can call. Approve a server without approving every tool it ships.
Distribution
Ship skills and agents like you ship code
Publish approved skills and agents to your organization from one place. People pull from a catalog you control, instead of copy-pasting configs between machines.
Telemetry
See what's actually being used
Every call through the control plane is logged: which tool, which server, which person. Know your real AI footprint before an audit asks you to find out.
Governance
Approve the server. Choose the tools.
Every MCP server exposes a list of tools. Meshum lets you allow, block, or flag each one individually, per server, per team — and change your mind later without redeploying anything.
~/meshum · tool access
| read | write | exec | delete | |
|---|---|---|---|---|
| filesystem | ✓ | ✓ | – | – |
| postgres | ✓ | • | – | – |
| github | ✓ | ✓ | • | – |
| slack | ✓ | • | – | – |
Policy as code
Policy changes go through review, not chat
Write your access policy once, review it like any other code change, and let the control plane enforce it. No tribal knowledge about who's allowed to run what.
01
Propose
Someone requests a new server or a tool access change.
02
Review
The change is reviewed and approved in the open, with history.
03
Enforce
The control plane picks it up. Nothing gets redeployed by hand.
Self-hosted
Your data stays on your infrastructure
Deployed on your own infrastructure, where you already run everything else. Meshum never sees your telemetry, your policies, or your credentials.
control plane
- 10–500
- people, the size we're built for
- AGPL-3.0
- with a commercial license available
Self-host Meshum and see your AI footprint for the first time.
Open source under AGPL-3.0, with a commercial license available for teams that need it.