Author, debug, and deploy Rego policies from inside your AI client.
OPA MCP is an open-source Model Context Protocol server that gives Claude, Cursor, VS Code,
and any other MCP-compatible client a structured interface to Open Policy Agent and Regal.
Instead of parsing CLI output, your AI agent calls 50+ schema-validated tools with stable error
codes and gets structured results it can reason about.
50+ tools across seven categories, built for agent workflows.
OPA MCP wraps the OPA CLI and REST API into a tool surface designed for how AI agents
actually work. Every tool returns a structured JSON envelope with stable error codes, so
the agent gets readable results rather than raw CLI output to parse.
Authoring and static analysis
Format, check, lint, parse, inspect, and analyze dependencies in Rego source without a running OPA server. rego_check_schema validates that all input.* references in a policy are consistent with a provided JSON Schema. Wraps opa fmt, opa check, opa parse, opa inspect, opa deps, and the Regal linter.
Evaluation and testing
Evaluate queries against policies and inputs with optional explain traces, profiling data, and per-line coverage. Run the full opa test suite or benchmark hot rules. rego_test_multiroot handles repos with multiple independent package namespaces where a single opa test run would produce package-conflict errors. All results are structured JSON, not terminal output.
Higher-level helpers
rego_explain_decision walks through every rule that fired and every rule that did not. rego_verify formally verifies Rego rule invariants using Z3 SMT solving via WASM, no additional install required. rego_explain_undefined diagnoses why a fully-qualified Rego query produces no value. rego_generate_test_skeleton builds a test file from a policy. rego_infer_input_schema statically derives the JSON Schema for every input field a policy reads. rego_policy_diff compares two policies side by side. rego_playground_share publishes a policy as a GitHub Gist and returns a shareable link loadable directly by OPA or Conftest.
OPA server management
List, get, put, and delete policies on a running OPA server through its REST API. Read and write data paths, POST to decision endpoints, and check health and bundle status. Works against a local dev server or a production deployment with bearer-token auth.
Install
Works with every major MCP client out of the box.
Drop-in example configs are included for Claude Desktop, Claude Code, Cursor, VS Code,
Windsurf, Zed, and Docker. The Docker image is multi-arch (amd64 and arm64) and bundles
pinned versions of OPA and Regal so nothing needs to be installed on the host.
npm (Claude Code, Cursor, VS Code)
Register with one command via claude mcp add or drop the example JSON config into your client's MCP settings. Requires Node.js 20 or later. The matching OPA binary is now bundled with the npm package automatically, so no separate OPA install is needed; an opa already on your PATH or set via OPA_BINARY still takes precedence.
Docker (any client)
The multi-arch image bundles OPA and Regal and runs as a non-root user. No host install of OPA or Regal required. Point any MCP client at it using the Docker example config.
Smithery one-liner (Claude Desktop)
Install via npx -y @smithery/cli install @orygn/opa-mcp --client claude. Smithery handles the config file automatically. Listed in the Smithery registry under @orygn/opa-mcp.
Signed .mcpb bundle (Claude Desktop)
Download the signed opa-mcp.mcpb bundle from the latest release and double-click to install directly into Claude Desktop. Bundles OPA and Regal, no PATH configuration needed.
Distribution
Published across npm, Docker Hub, the MCP Registry, and the OPA Ecosystem.
OPA MCP is available everywhere policy engineers and security teams expect to find tooling.
It is listed in the official MCP Registry, the canonical index MCP clients use to discover
servers. The npm package ships with provenance attestations. The Docker image is reproducibly
built from the committed Dockerfile.
TypeScript on Node.js, tested across three operating systems.
The server communicates over stdio and never writes to stdout, reserving that channel for
the MCP protocol. Subprocesses run with shell disabled and hard timeouts. CI tests across
Ubuntu, macOS, and Windows on Node 20, 22, and 24.
OPA MCP is an open-source Model Context Protocol server that gives any MCP-compatible AI client a structured interface to Open Policy Agent and the Regal linter. It exposes 50+ tools with schema-validated inputs, a stable error taxonomy, and curated resources so AI agents can author, evaluate, debug, and deploy Rego policies reliably.
Model Context Protocol (MCP) is an open standard for giving AI models access to external tools, data, and resources. An MCP server registers a set of tools that an AI client can call, with defined input and output schemas. OPA MCP implements the MCP server spec over stdio so it works with any compliant client.
No, for most use cases. The authoring and evaluation tools only need the OPA binary installed on your machine. A running OPA REST server is only required for the server management tools, which push and pull policies against a live OPA deployment.
OPA MCP works with Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot Chat), Windsurf, Zed, and any other MCP-compatible client. Drop-in example config files for each client are included in the repository under the examples/ directory.
Yes. OPA MCP is MIT-licensed and published by Orygn LLC. The source code is on GitHub at OrygnsCode/opa-mcp-server. It is also listed in the official OPA Ecosystem maintained by the Open Policy Agent project.
Built by Orygn
OPA MCP is one of several tools Orygn has built around security infrastructure and policy-as-code.
Orygn builds custom software, security tooling, and infrastructure-level systems for teams that
need them production-grade from day one. OPA MCP came out of the same kind of work, applied
directly to the policy-as-code workflows security and platform engineers run every day.