# ActionPilot

> A policy enforcement and audit layer that sits between AI models and MCP-connected systems. ActionPilot evaluates every tool call against your rules, runs pre-execution simulations, isolates environments, and produces a tamper-proof audit log — before any action reaches production.

ActionPilot is built for enterprise and SME teams deploying AI agents against live business data (CRM records, databases, project management systems, financial tools) who need governance and safety guarantees beyond what the model or MCP server itself provides.

## Key capabilities

- **Execution control** — every MCP tool call intercepted and evaluated against policy rules before it reaches a connected system
- **Policy engine** — declarative rules in plain language: "deny when action.destructive and env = prod unless approver"
- **Pre-execution simulation** — see every record and downstream system an action will touch before committing
- **Environment isolation** — production, staging, per-tenant, and per-team boundaries enforced at the policy layer
- **Multi-MCP orchestration** — connect any number of MCP servers in parallel with unified audit log
- **Full audit trail** — prompt, routing decision, tool name, arguments, policy verdict, and result — all logged immutably
- **LLM flexibility** — model-agnostic, users bring their own API key for any supported provider
- **Human-in-the-loop** — route high-risk actions to Slack, email, or review console before execution

## How it works

1. User connects one or more MCP servers (hosted endpoints, e.g. mcp.zoho.com, or custom)
2. User selects an LLM provider and supplies their own API key
3. User defines policy rules scoped per environment, per tenant, or globally
4. When an agent issues a prompt, ActionPilot routes it to the model with tool schemas injected
5. The model proposes tool calls — ActionPilot intercepts each and evaluates against active rules
6. Approved calls execute; blocked calls return a reason; flagged calls await human approval
7. All decisions write to an immutable audit log

## MCP compatibility

ActionPilot supports any MCP server using the StreamableHTTP transport. Authentication types: none (token in URL), Bearer token, custom header. Popular supported servers: Zoho MCP (mcp.zoho.com), HubSpot, Salesforce, Notion, Slack, Google Workspace, Zapier, Jira, Shopify.

## Status

Launched April 2026. Free to start. Core execution control, policy engine, simulation, multi-MCP, and audit trail are production-ready. Self-hosted builds available.

## Links

- Full product context: https://www.actionpilot.co.uk/llm-context
- Machine-readable manifest: https://www.actionpilot.co.uk/public-manifest.json
- Homepage: https://www.actionpilot.co.uk
- MCP specification: https://modelcontextprotocol.io
- Beta access: https://www.actionpilot.co.uk/#pricing