Cavalry

Governance, observability, and control for AI agent context at enterprise scale.

Cavalry is a self-hostable control plane for the skills, tiles, rules, and MCP servers your engineering organization uses with AI coding agents. It sits between your developers and every public or private context source and gives platform and security teams:

  • A proxy gateway for public registries (Tessl, GitHub, generic HTTP) so every install is authenticated, audited, and cached.
  • A private registry for org-internal skills, either directly published or synced from customer-owned git repositories.
  • A policy engine with allowlists, blocklists, version pins, and approval gates — enforced at the install hot path.
  • A complete audit trail of every install, publish, policy decision, and sync, with SIEM webhook delivery.
  • Integrations for GitHub Apps (skill repo sync), Slack (approval notifications), and OIDC (SSO).

Where to go next

  • Quickstart — run Cavalry locally in 5 minutes with docker-compose.
  • Architecture — how web, gateway, and worker fit together.
  • Policies — enforce rules on what can be installed.
  • CLI reference — every command the cavalry binary supports.
  • Gateway REST API — the endpoints the CLI and agents call.

License

Cavalry is licensed under the Apache License 2.0. Self-host freely, including for commercial use.