Uplink is the enterprise MCP gateway that scans every message for prompt injection, audits every tool call, catches vulnerabilities before commit, and enforces security requirements across your entire agentic stack.
Four purpose-built security tools sit between your LLM agents and everything they touch — scanning messages, auditing tool calls, analyzing source code, and enforcing policy on every commit.
Every inbound message is scanned for 9 injection categories — instruction overrides, jailbreaks (DAN, developer mode), delimiter injection, data exfiltration, tool manipulation, encoding evasion, role hijacking, and more. Noisy-OR risk scoring classifies threats as clean, suspicious, or malicious, and the gateway returns a sanitized copy with injected fragments automatically redacted.
Every tool call passes through the context audit engine before execution. The gateway inspects tool name, full argument payload, and caller identity against policy rules — flagging destructive operations, sensitive data in arguments, network access, force-deletes, and verification bypasses. Each audit produces a cryptographically hashed, traceable record with allow/warn/deny verdicts.
Static analysis runs on every file before it reaches version control. Detects hardcoded credentials (CWE-798), SQL injection patterns (CWE-89), unsafe eval/exec usage (CWE-95, CWE-78), cleartext API keys (CWE-312), and unresolved security TODOs. Returns SARIF-inspired reports with severity rankings, line-level locations, code snippets, and actionable remediation guidance.
Accepts staged git diffs and evaluates them against your organization's security policy templates. Generates prioritized TODO checklists covering input validation, error handling, secrets management, auth review, cryptography audits, dependency scanning, and configuration hardening — each with a ready-to-insert TODO comment. Requirements trigger contextually based on file types and diff content.
Secure credential management with proof-of-possession tokens, HSM-backed key storage, and automatic credential rotation. No plaintext secrets, ever.
The gateway implements MCP 2025-03-26 natively over Streamable HTTP and legacy SSE with a hand-rolled JSON-RPC 2.0 engine — zero external dependencies, zero supply chain risk. Async I/O with sub-5ms overhead, deployed at the edge in 14 regions with automatic failover.
Uplink is a remote MCP server that sits between your agent and every tool call — enforcing security policy, scanning for injection, and auditing every action without modifying your agent code.
Tool calls audited monthly
Injection attempts blocked
CWE rules in security scanner
Prompt injection threat categories
MCP unlocks incredible agentic capabilities — but also introduces novel attack surfaces. Uplink's four gateway tools defend against all of them.
Adversarial messages in Slack channels, emails, or webhooks attempt to override system instructions, exfiltrate context, or bypass safety controls. Attack vectors include instruction overrides, delimiter injection, jailbreak phrases, and encoding evasion.
✓ Blocked by prompt_injection_scan (17 rules, 9 threat categories)Credentials, API keys, and SQL injection patterns committed to version control create persistent vulnerabilities. CWE-798 (hardcoded credentials), CWE-89 (SQL injection), and CWE-95 (code injection via eval) are the most common pre-commit findings.
✓ Blocked by security_scan (SARIF reports with line-level remediation)Agentic systems executing shell commands, force-deletes, or verification bypasses without oversight. Unaudited tool calls with sensitive data in arguments risk data exfiltration and irreversible infrastructure damage.
✓ Mitigated by context_audit (pre-flight policy verdicts on every call)Code changes touching authentication, cryptography, or dependency manifests are merged without security checks. Missing input validation, improper error handling, and unaudited dependencies introduce exploitable gaps.
✓ Mitigated by security_requirements (context-aware TODO enforcement)Talk to our team about deploying Uplink in your environment. Most teams are live within a day.