SkillsMay 11, 2026·4 min read

OpenControl — Universal Control Plane for AI Agents

SST team's universal control-plane MCP server exposing AWS / Cloudflare / Vercel infra to AI agents in natural language. Audit-logged, scoped.

SST
SST · Community
Agent ready

This asset can be read and installed directly by agents

TokRepo exposes a universal CLI command, install contract, metadata JSON, adapter-aware plan, and raw content links so agents can judge fit, risk, and next actions.

Stage only · 5/100Stage only
Agent surface
Any MCP/CLI agent
Kind
Mcp Config
Install
Stage only
Trust
Trust: New
Entrypoint
Asset
Universal CLI install command
npx tokrepo install f85e22b2-506e-470d-814e-2a0e6692dd04
install contractmetadata JSONadapter planraw content
Intro

OpenControl is a universal control-plane MCP server from Dax Raad's team — exposes AWS, Cloudflare, Vercel, and SST infrastructure to AI agents (Claude Code, Cursor, custom agents) via natural language. Every action is audit-logged, scope-limited, and reviewable before execution. Best for: SRE-with-agents workflows, on-call triage, infra cleanup, anywhere you want Claude to actually take action on real infra but with guard rails. Works with: any MCP host. Setup time: 15 minutes.

Install

npx opencontrol@latest init
# Answers a few questions, generates opencontrol.config.ts

Sample config

// opencontrol.config.ts
import { defineConfig } from "opencontrol";

export default defineConfig({
  audit: {
    storage: "s3://my-audit-bucket/opencontrol/",
    require_approval: ["delete", "scale_down", "destroy"],
  },
  providers: {
    aws: {
      regions: ["us-east-1", "eu-west-1"],
      services: ["s3", "lambda", "dynamodb", "cloudfront"],
      role_arn: "arn:aws:iam::123456789:role/opencontrol",
    },
    cloudflare: {
      account_id: "...",
      api_token_env: "CF_API_TOKEN",
    },
    vercel: {
      team_id: "...",
      token_env: "VERCEL_TOKEN",
    },
  },
});

Claude Desktop config

{
  "mcpServers": {
    "opencontrol": {
      "command": "npx",
      "args": ["-y", "opencontrol", "mcp"],
      "env": {
        "OPENCONTROL_CONFIG": "./opencontrol.config.ts"
      }
    }
  }
}

Sample prompts that work

  • "Find Lambda functions that haven't been invoked in 90 days and tag them as candidates for deletion."
  • "Which Cloudflare workers have error rate above 1% in the last hour?"
  • "Roll back the Vercel deployment of tokrepo-web to the version before the May 8 deploy."
  • "Show me S3 buckets without lifecycle rules and estimated monthly cost."

Action approval workflow

Actions matching require_approval patterns generate a pending audit entry. Approve via:

opencontrol approvals list           # see pending
opencontrol approvals approve <id>   # green-light
opencontrol approvals reject <id>    # block

Configure Slack / email notifications for new approval requests via webhook.

FAQ

Q: How is this different from cloud MCP servers like AWS MCP? A: Cloud MCP servers expose a single cloud's API. OpenControl unifies multiple clouds + adds audit logging + approval workflows. For one-cloud teams, AWS MCP is fine; for multi-cloud or compliance-strict shops, OpenControl is the upgrade.

Q: What stops an agent from doing real damage? A: Three layers: (1) require_approval patterns force human green-light on destructive verbs; (2) IAM role scoping limits what credentials can do; (3) every action is S3-logged for forensics. Treat OpenControl as the seatbelt, not the steering wheel — still review what the agent proposes.

Q: Is it open source? A: Yes — MIT licensed. Hosted version planned by Toolbeam for teams who don't want to self-host the control plane. The MCP server itself is fully open-source today.

Quick Use

  1. npx opencontrol@latest init to scaffold opencontrol.config.ts
  2. Configure providers (aws/cloudflare/vercel) and audit settings
  3. Add to Claude Desktop mcpServers config and prompt away

Intro

OpenControl is a universal control-plane MCP server from Dax Raad's team — exposes AWS, Cloudflare, Vercel, and SST infrastructure to AI agents (Claude Code, Cursor, custom agents) via natural language. Every action is audit-logged, scope-limited, and reviewable before execution. Best for: SRE-with-agents workflows, on-call triage, infra cleanup, anywhere you want Claude to actually take action on real infra but with guard rails. Works with: any MCP host. Setup time: 15 minutes.

Install

npx opencontrol@latest init
# Answers a few questions, generates opencontrol.config.ts

Sample config

// opencontrol.config.ts
import { defineConfig } from "opencontrol";

export default defineConfig({
  audit: {
    storage: "s3://my-audit-bucket/opencontrol/",
    require_approval: ["delete", "scale_down", "destroy"],
  },
  providers: {
    aws: {
      regions: ["us-east-1", "eu-west-1"],
      services: ["s3", "lambda", "dynamodb", "cloudfront"],
      role_arn: "arn:aws:iam::123456789:role/opencontrol",
    },
    cloudflare: {
      account_id: "...",
      api_token_env: "CF_API_TOKEN",
    },
    vercel: {
      team_id: "...",
      token_env: "VERCEL_TOKEN",
    },
  },
});

Claude Desktop config

{
  "mcpServers": {
    "opencontrol": {
      "command": "npx",
      "args": ["-y", "opencontrol", "mcp"],
      "env": {
        "OPENCONTROL_CONFIG": "./opencontrol.config.ts"
      }
    }
  }
}

Sample prompts that work

  • "Find Lambda functions that haven't been invoked in 90 days and tag them as candidates for deletion."
  • "Which Cloudflare workers have error rate above 1% in the last hour?"
  • "Roll back the Vercel deployment of tokrepo-web to the version before the May 8 deploy."
  • "Show me S3 buckets without lifecycle rules and estimated monthly cost."

Action approval workflow

Actions matching require_approval patterns generate a pending audit entry. Approve via:

opencontrol approvals list           # see pending
opencontrol approvals approve <id>   # green-light
opencontrol approvals reject <id>    # block

Configure Slack / email notifications for new approval requests via webhook.

FAQ

Q: How is this different from cloud MCP servers like AWS MCP? A: Cloud MCP servers expose a single cloud's API. OpenControl unifies multiple clouds + adds audit logging + approval workflows. For one-cloud teams, AWS MCP is fine; for multi-cloud or compliance-strict shops, OpenControl is the upgrade.

Q: What stops an agent from doing real damage? A: Three layers: (1) require_approval patterns force human green-light on destructive verbs; (2) IAM role scoping limits what credentials can do; (3) every action is S3-logged for forensics. Treat OpenControl as the seatbelt, not the steering wheel — still review what the agent proposes.

Q: Is it open source? A: Yes — MIT licensed. Hosted version planned by Toolbeam for teams who don't want to self-host the control plane. The MCP server itself is fully open-source today.

Source & Thanks

Built by Toolbeam (Dax Raad's team). Licensed under MIT.

toolbeam/opencontrol — ⭐ 1,200+

🙏

Source & Thanks

Built by Toolbeam (Dax Raad's team). Licensed under MIT.

toolbeam/opencontrol — ⭐ 1,200+

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.

Related Assets

WhatsApp MCP Server — Chat with WhatsApp via AI Agents

MCP server connecting Claude and AI agents to your personal WhatsApp. Search contacts, read messages, send replies and media via natural language.

MCP Configs
MCP Hub

npx skills — Universal Skill Installer for AI Agents

One-command skill installer that works across Claude Code, Cursor, Codex CLI, and Gemini CLI. Install skills from any GitHub repo with automatic platform detection.

Skills
Skill Factory

n8n MCP Server — Build Automations with AI, 1,396 Nodes

MCP server giving AI agents access to 1,396 n8n nodes and 2,709 workflow templates. Build and manage n8n automations through natural language.

MCP Configs
n8n

DBHub — Universal Database MCP Server, Zero Dependencies

Token-efficient database MCP server supporting Postgres, MySQL, MariaDB, SQL Server, and SQLite. Just two MCP tools, zero dependencies, read-only safe.

MCP Configs
TokRepo精选
Home🔍Search👤Me