Agent & MCP Governance Sprint
Inventory the agents and MCP servers already in production, design the authorization control-plane that should govern them, and ship the audit-trail specification your board (and your insurer) can defend.
2 weeks (1 sprint), or 4 weeks (Foundation shape, 2 sprints) for a multi-business-unit estate census
Who this is for
CTOs and VPs of Platform Engineering at 100-500-person companies with board-mandated agent rollouts, who have read the OWASP MCP Top 10 or seen the Anthropic MCP RCE disclosures. PE operating partners doing portfolio-wide agentic-AI risk assessment.
When you need it
Boards have mandated agent rollouts. Engineering has shipped MCP servers, agentic features, and Cursor / Claude-Desktop integrations the security team did not procure. Big-Four firms are quoting six-figure pricing for the 'governance assessment'; SaaS vendors (Credo AI, Holistic AI, OneTrust) ship checkbox UX. Nobody has produced the engineering-grade authorization control-plane recommendation.
What's delivered
- Agent + MCP estate census: every first-party agent, every MCP server (registry-pulled or self-hosted), every Cursor / Claude-Desktop integration that touches production data
- OWASP MCP Top 10 alignment per server with severity ratings
- Authorization control-plane recommendation - WARRANT-aligned: scoped identity, bounded blast radius, signed-message gating, kill-switch path
- Audit-trail specification - NIST AI RMF Article 12 logging-compatible; what to log, what to retain, what to surface to incident response
- Kill-switch and escalation runbook tied to the control-plane
- Board-ready summary: where the governance gaps are, what binds them, sequenced fix list
Why this consultant
Co-author of the WARRANT Standard for autonomous agent authorisation. prismalOS's KERNEL is built to enforce these authorization boundaries at runtime - the same scoped-identity and audit-trail gate this sprint specifies. Big-Four firms can't price into the €8,500 single-sprint slot; SaaS vendors can't deliver the senior-led control-plane recommendation.
What this sprint is not
- Implementation work (this sprint produces the design; Sprint 10 MCP Server Implementation or Sprint 12 Agentic DevOps run the build)
- Tool installation (our recommendations are vendor-agnostic; tooling decisions stay with your platform team)
- Replacing your CISO (this complements security leadership; it does not displace it)
Fixed price, fixed scope. Every engagement carries the four guarantees: Sprint 1 Escape Hatch, Board-Ready Quality, Three-Client Cap, Skin-in-the-Game Pledge.