MCP TOOLS

Fifty tools your agents can use. Safely.

Pre-built connectors across seven categories — databases, SDLC, knowledge, search, automation, business, and observability. Every call passes through the policy engine first.

Book a demo See the connectors →

Connector catalog

Fifty templates across seven categories. One-click create. Auto tool discovery.

Every connector ships with a DBeaver-style access-control schema. New templates land behind the same policy engine, enforced before any tool call.

Databases10 connectors

PostgreSQL

postgres

MySQL

mysql

MongoDB

mongodb

Redis

redis

Elasticsearch

elasticsearch

Snowflake

snowflake

Google BigQuery

bigquery

Databricks

databricks

Supabase

supabase

Neo4j

neo4j

Dev + SDLC10 connectors

GitHub

github

GitLab

gitlab

Bitbucket

bitbucket

Jira

jira

Linear

linear

Jenkins

jenkins

Azure DevOps

azure-devops

Docker

docker

Kubernetes

kubernetes

Playwright

playwright

Knowledge + Docs10 connectors

Notion

notion

Confluence

confluence

Google Drive

google-drive

Dropbox

dropbox

Microsoft SharePoint

sharepoint

Slack

slack

Microsoft Teams

teams

GitBook

gitbook

Airtable

airtable

Evernote

evernote

Search + Web5 connectors

Google Custom Search

google-search

Bing Web Search

bing-search

Exa

exa

SerpAPI

serpapi

Firecrawl

firecrawl

Automation5 connectors

Zapier

zapier

n8n

Make

make

Apache Airflow

airflow

Temporal

temporal

Business + Payments5 connectors

Stripe

stripe

PayPal

paypal

Square

square

Salesforce

salesforce

HubSpot

hubspot

Observability + Security5 connectors

Prometheus

prometheus

Grafana

grafana

Splunk

splunk

Microsoft Sentinel

sentinel

AWS · Azure · GCP

cloud

Dual use

Two use cases. One layer.

LLM + tools

Via /v1/chat/completions

Verosek runs the LLM → policy → tool → LLM loop internally. Your app sees the final answer. Every intermediate step is audited.

MCP-only

Via the /mcp endpoint

Claude Desktop, Cursor, and VS Code connect directly. They see the union of tools across every connected server — filtered by the virtual key’s permissions.

Access control

DBeaver-style rules. Enforced every call.

A DELETE on a read-only key

-- model proposes:
DELETE FROM users WHERE last_seen < '2024-01-01';

-- blocked by policy engine, CHK-002:
{
  "decision": "BLOCK",
  "triggered_checks": [
    { "id": "CHK-002", "detail": "DELETE not in allowed_operations [SELECT]" }
  ]
}

SELECT without LIMIT → policy engine rewrites

-- model proposes:
SELECT * FROM orders WHERE status = 'shipped';

-- CHK-006 injects a LIMIT clause:
SELECT * FROM orders WHERE status = 'shipped' LIMIT 100;

CHK-006 adds LIMIT 100. The modification is recorded in the audit trace with the original.

Per-tool controls

One rule set per tool type. Per virtual key.

Tool type	Controls
SQL (postgres, mysql)	allowed_operations · blocked_tables · masked_columns · max_rows · read_only
NoSQL (mongodb)	allowed_operations · blocked_collections · max_results · read_only
Key-value (redis)	allowed_commands · blocked_key_patterns · read_only
Search (elasticsearch)	allowed_operations · blocked_indices · max_results · read_only
Filesystem	allowed_operations · blocked_paths · read_only
API (github, gitlab, slack, stripe)	allowed_operations · allowlists · max_amount_cents · test_mode_only

One layer. Fifty connectors. Every call enforced.

FAIL_CLOSED by default. Every tool call scanned. Every decision signed.

Book a demo See the connector catalog →