AI RESEARCH
Governed MCP: Kernel-Level Tool Governance for AI Agents via Logit-Based Safety Primitives
arXiv CS.AI
arXiv:2604.16870v1 Announce Type: cross
AI agents increasingly call external tools (file system, network, APIs) through the Model Context Protocol (MCP). These tool calls are the agent's syscalls: privileged operations with side effects on shared state. Yet today's safety enforcement lives entirely in userspace, where a 10-line script can bypass it. I propose Governed MCP, a kernel-resident tool governance gateway built on a logit-based safety primitive (ProbeLogits, companion paper: arXiv:2604.11943).
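The abstract's central claim is that a policy check living in the agent's own process is not a security boundary, because any code in that process (including code the model itself emitted) has the same privilege as the check. The following is an added illustration, not code from the Governed MCP or ProbeLogits papers; the gateway class, the write_file tool and the sandbox policy are hypothetical stand-ins for an MCP tool dispatcher. It builds a minimal userspace gate, shows the honest call being denied, and then shows the two bypasses the abstract alludes to: rewriting the policy object in place and calling the primitive directly, skipping the gateway and its audit log.

```python
"""Why an in-process tool gate is not a security boundary.

Added illustration, not the paper's code. A minimal MCP-style tool
dispatcher with a userspace policy, followed by the bypasses that any
code running inside the agent process can perform. All names are
hypothetical and constructed for this example.
"""
import os
import tempfile


def write_file(path: str, data: str) -> int:
    """The raw tool: the side-effecting operation the policy is meant to govern."""
    with open(path, "w") as f:
        return f.write(data)


class UserspaceGateway:
    """Userspace policy layer: every write must stay under self.sandbox."""

    def __init__(self, sandbox: str):
        self.sandbox = os.path.realpath(sandbox)
        self.tools = {"write_file": write_file}
        self.audit = []  # (tool, path, allowed) for every call the gateway saw

    def policy(self, tool: str, args: dict) -> bool:
        if tool != "write_file":
            return False
        target = os.path.realpath(args["path"])
        return os.path.commonpath([target, self.sandbox]) == self.sandbox

    def call(self, tool: str, args: dict):
        allowed = self.policy(tool, args)
        self.audit.append((tool, args["path"], allowed))
        if not allowed:
            raise PermissionError(f"policy denied {tool} on {args['path']}")
        return self.tools[tool](**args)


def run_demo() -> dict:
    """Attempt one out-of-sandbox write three ways; report what the gateway saw."""
    sandbox = tempfile.mkdtemp()   # constructed: the directory writes are allowed in
    outside = tempfile.mkdtemp()   # constructed: a directory the policy must protect
    target = os.path.join(outside, "secret.txt")
    gw = UserspaceGateway(sandbox)
    result = {}

    # 1. Honest path: the agent routes the call through the gateway. Denied.
    try:
        gw.call("write_file", {"path": target, "data": "x"})
        result["through_gateway"] = "allowed"
    except PermissionError:
        result["through_gateway"] = "denied"

    # 2. Bypass A: the policy is a plain attribute in the same address space,
    #    so one assignment replaces it. The gateway still logs the call, but
    #    the log now records an approval.
    gw.policy = lambda tool, args: True
    gw.call("write_file", {"path": target, "data": "x"})
    result["after_patching_policy"] = os.path.exists(target)

    # 3. Bypass B: skip the gateway entirely and call the primitive directly.
    #    Nothing in the process stands between the code and the side effect.
    os.remove(target)
    write_file(target, "x")
    result["direct_call"] = os.path.exists(target)

    # Only calls 1 and 2 reached the gateway; the audit trail never saw bypass B.
    result["audit_entries"] = len(gw.audit)
    return result


if __name__ == "__main__":
    print(run_demo())
```

The point generalizes beyond MCP: the check and the checked operation share a trust domain, so the enforcement point has to be outside that domain (another process with a narrower ambient authority, or, as the paper argues, the kernel) before the audit log can be trusted to be complete.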