// self-hosted · governance · distribution

The AI platform team, productized.

Meshum governs and distributes MCP servers, skills, and agents across your organization — one self-hosted control plane, full visibility, tool-level permissions.

v0.0.1AGPL-3.0-or-laterself-hosted

The problem

AI tooling grew faster than anyone's ability to govern it

Every team picked its own MCP servers, wired up its own skills, and gave agents whatever access got the job done fastest. Nobody has a single answer to "what can our AI tools actually touch?"

  • No inventory

    Nobody can list every MCP server running across the org, let alone who approved it.

  • All-or-nothing access

    Approving a server usually means approving every tool it exposes, including the destructive ones.

  • No audit trail

    When something goes wrong, there's no log of which tool ran, on whose behalf, with what result.

  • Copy-pasted skills

    Useful agents and skills spread by Slack message and gist link, not by anything you can version or revoke.

How it works

One control plane. Three jobs.

Governance

Tool-level permissions, not all-or-nothing access

Decide exactly which MCP servers your organization runs, and which tools within each server people can call. Approve a server without approving every tool it ships.

Distribution

Ship skills and agents like you ship code

Publish approved skills and agents to your organization from one place. People pull from a catalog you control, instead of copy-pasting configs between machines.

Telemetry

See what's actually being used

Every call through the control plane is logged: which tool, which server, which person. Know your real AI footprint before an audit asks you to find out.

Governance

Approve the server. Choose the tools.

Every MCP server exposes a list of tools. Meshum lets you allow, block, or flag each one individually, per server, per team — and change your mind later without redeploying anything.

~/meshum · tool access

readwriteexecdelete
filesystem
postgres
github
slack
allowed needs review blocked

Policy as code

Policy changes go through review, not chat

Write your access policy once, review it like any other code change, and let the control plane enforce it. No tribal knowledge about who's allowed to run what.

  1. 01

    Propose

    Someone requests a new server or a tool access change.

  2. 02

    Review

    The change is reviewed and approved in the open, with history.

  3. 03

    Enforce

    The control plane picks it up. Nothing gets redeployed by hand.

Self-hosted

Your data stays on your infrastructure

Deployed on your own infrastructure, where you already run everything else. Meshum never sees your telemetry, your policies, or your credentials.

control plane

YOUR PEOPLECONTROL PLANEYOUR TOOLSrequestenforce policymeshumpolicy engineregistry / catalogtelemetry & auditrecord telemetrydevelopersagentsfilesystempostgresgithubslack
10–500
people, the size we're built for
AGPL-3.0
with a commercial license available

Self-host Meshum and see your AI footprint for the first time.

Open source under AGPL-3.0, with a commercial license available for teams that need it.