# MCPlexer > Secure, audit, and control every AI tool call across your organization. One gateway. Complete visibility. Zero risk. MCPlexer is an MCP gateway that sits between your AI client (Claude Desktop, Claude Code, Cursor, …) and your downstream MCP servers. It enforces directory-scoped routing, human-in-the-loop approvals, OAuth credential injection, audit logging, and shell-injection-resistant downstream spawning. The product is local-first, encrypts secrets at rest with age, and ships open source under MIT. Operated and supported by Revitt. **MCPlexer is configured by talking to your agent.** The gateway's primary configuration surface is MCP itself: open a terminal at ~/.mcplexer, run a coding agent (Claude Code, OpenCode, Codex, Gemini-CLI), and use natural language to provision new MCP servers, set up OAuth flows, write routing rules, and manage approvals. The agent drives via mcpx__* control tools (mcpx__provision_mcp, mcpx__create_addon, mcpx__import_openapi, mcpx__execute_code, mcpx__search_tools, mcpx__approve_tool_call, mcpx__deny_tool_call, mcpx__list_pending_approvals, mcpx__reload_server, mcpx__flush_cache) and mcplexer__* CRUD tools (mcplexer__list/get/create/update/delete_workspace, mcplexer__list/get/create/update/delete_server, mcplexer__list/create/update/delete_route, mcplexer__list/get/create/update/delete_auth_scope, mcplexer__status, mcplexer__query_audit) — full CRUD, no read-only fallback, no need for raw SQL — plus mesh__send / mesh__receive for inter-agent comms and secret__prompt for ephemeral credential capture. mcpx__execute_code runs JavaScript inside a Goja sandbox with hard CPU and memory limits so agents can chain dozens of provisioning calls without round-tripping every result through context. **Directory-scoped admin surface:** the full mcpx__/mcplexer__ admin tool set is visible only when the agent's CWD is at or under ~/.mcplexer; from any project directory the agent sees only the universal surface (mcpx__search_tools, mcpx__execute_code, secret__prompt, mesh__send/receive). The web dashboard exists for review and visibility, not setup. ## Core pages - [Home](https://mcplexer.com/): product overview, features, "Configure with AI" section, security advisory excerpt, "Book a Demo" CTA. - [Home#configure-with-ai](https://mcplexer.com/#configure-with-ai): the gateway is configurable by talking to your agent — explanation + list of mcpx__* control tools. - [Blog](https://mcplexer.com/blog): security advisories, design notes, ship notes. ## Blog posts - [How MCPlexer mitigates the MCP STDIO RCE class](https://mcplexer.com/blog/mcp-stdio-rce-mitigations): OX Security disclosed a systemic remote-code-execution flaw in MCP's STDIO transport that affects 200,000+ servers and 150M+ downloads. Here are the six concrete controls MCPlexer ships to mitigate it — with the code, the threat model, and what you can verify yourself. Published 2026-05-04. Plain-text source: https://mcplexer.com/blog/mcp-stdio-rce-mitigations/raw.md ## Source of truth - GitHub: https://github.com/RevittCo/mcplexer — code, releases, issue tracker, security advisories. - Sitemap: https://mcplexer.com/sitemap.xml — machine-readable list of all crawlable pages. - Full content: https://mcplexer.com/llms-full.txt — concatenation of every blog post for one-shot ingestion. - RSS feed: https://mcplexer.com/feed.xml — Atom 1.0 feed of new posts. ## Contact - Company: https://revitt.co - Demo booking: https://revitt.co/book - Security disclosure: open a private advisory at https://github.com/RevittCo/mcplexer/security/advisories/new or email security@revitt.co