Civic Labs

Civic Labs is where we build and open-source the infrastructure that powers forward deployed agents. Every flask here solves a real problem we encountered deploying production agents for mid-market businesses — identity, authorization, guardrails, threat detection, and knowledge retrieval.

Each project is presented as a flask, representing different stages of development. Learn more about flask status.

Flasks are standalone services, libraries, or tools that can be used independently or composed together. They are built by the same team that has shipped identity infrastructure for the German Federal Chamber of Notaries, enterprise AI for BMW and Panasonic, and production systems across financial services, manufacturing, and publishing.

Explore the flasks below or get in touch if you want to contribute, try things early, or shape what comes next.

Getting Started

Want to try out these experiments? Get started here.

Feedback & Contribution

We're building in the open and welcome community input. Learn how to contribute.

Flasks

MCP Hub

Hosted MCP manager that unifies and orchestrates multiple MCP servers with built-in authentication and governance — the core of every Civic agent deployment.

Guardrail Proxy

Wrap any MCP server in a configurable security layer. Block, redact, and transform tool calls and responses before they reach your agent.

Bodyguard

LLM-based threat detection for prompts and tool calls. Catches prompt injection, data exfiltration attempts, and policy violations in real time.

Pass-through Proxy

Middleware hook system for MCP servers. Intercept, inspect, and modify tool calls without changing the underlying server — powers guardrails and custom logic.

Civic Knowledge

RAG-powered AI assistant for internal operations. Query company documentation, processes, and institutional knowledge through natural language.