Security
Tool safety
Skills and MCP connectors make AI useful at work, but each one is third-party code that can reach company data. Harriet reviews, contains, and audits every tool before it touches your systems.
The risk
Agentic AI has a supply chain now
Every skill is instructions your assistant may follow. Every connector is third-party code with access to documents, credentials, and internal systems. Approve them blindly and you have added a supply chain IT can't see.
Hardcoded bearer token in the MCP URL, and all tool calls routed through an external third-party service.
Trust
From "who installed this?" to "here's why we approved it"
Every extension gets a paper trail before it becomes part of how your company works — faster approvals for clean requests, and nothing to scramble for when compliance asks what changed.
FAQ
What security teams ask.
What does Harriet check before a skill or connector runs?
Every skill and MCP connector is threat-scored before it can reach company systems: risk signals like credential exposure, external routing, and unpinned packages surface up front, and nothing activates until a human reviews and approves it.
What happens when a scan flags something?
The tool is blocked pending a fix, with the findings listed against it — for example a hardcoded token or calls routed through an external third-party service. You can re-run a scan on demand after the issue is addressed.
How do we prove this to auditors?
Every approval, override, and tool call lands in an append-only audit trail, so when compliance asks what changed, the evidence already exists: who approved which tool, when, and why.
Bring the connector you would hesitate to approve
We'll show how Harriet turns it into a reviewable, contained, auditable decision.