MCP Skill security

Run private Skills from any MCP-capable AI client

Invokora lets teams run private organization Skills from Codex, Claude Code, opencode, Cursor, and other MCP hosts while keeping source delivery, access, and audit evidence under organization control.

  • Works with MCP-capable clients, not one locked-in AI app.
  • Server-hosted mode keeps protected source and bundle files server side.
  • Runs, source delivery, blocked outputs, and policy changes create reviewable records.

Keep the client flexible and the control plane stable

Teams can choose the AI client that fits their workflow while Invokora applies the same organization controls before and after each Skill run.

Organization identity

Login, legal gate, membership, role permissions, and per-Skill ACL are checked before execution.

Source delivery

Run access and source access stay separate for every MCP client.

Runtime boundary

Server-hosted mode runs protected Skills without syncing source bundles to local machines.

Review evidence

Access, source reads, sync, delivery changes, and output blocks stay traceable.

Choose delivery mode before rollout

MCP clients should not decide whether protected Skill source is copied locally. Owners choose the delivery mode and review changes centrally.

Server-hosted mode

Members invoke the Skill from an MCP-capable client, while source and bundle files remain server side.

  • Protected source does not sync to the client.
  • The local setup receives a runnable entry.
  • Runs and blocked outputs are reviewable.

Public-source mode

Authorized members can sync source when local inspection and collaboration are intentional.

  • Source delivery is explicit and permissioned.
  • Synced folders remain Invokora-managed.
  • Sync and delivery changes create audit evidence.

Questions security teams can answer

The useful security story is not which AI client someone prefers. It is whether the team can explain who ran what, which source crossed the boundary, and what was blocked.

Event: MCP Skill run
Review question: Could this member run this Skill?
Evidence: Organization, role, ACL, legal, and plan checks.
Sensitive body: Prompt and output excluded from audit summary.

Event: Source delivery
Review question: Did source sync to a local machine?
Evidence: Delivery mode, source read, sync, and approval records.
Sensitive body: Source body excluded.

Event: Output block
Review question: Was server-hosted content protected before delivery?
Evidence: Block outcome, reason, actor, Skill, and time.
Sensitive body: Output body excluded.

Event: Audit export
Review question: Can reviewers inspect governance history?
Evidence: Allowlisted governance and security events.
Sensitive body: Allowlisted fields only.
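The pre-execution check order (login, legal gate, membership, role permission, per-Skill ACL), the separation of run access from source access across delivery modes, and audit records that keep allowlisted fields while excluding prompt and source bodies can be modelled in a few dozen lines. The following is an added illustration, not Invokora's code; every class, function, permission name and the sample organization data are hypothetical and constructed for the example.

```python
from dataclasses import dataclass
from enum import Enum


class DeliveryMode(Enum):
    SERVER_HOSTED = "server-hosted"
    PUBLIC_SOURCE = "public-source"


@dataclass(frozen=True)
class Skill:
    name: str
    org: str
    delivery_mode: DeliveryMode
    acl: frozenset  # member ids allowed to run this Skill


@dataclass(frozen=True)
class Member:
    id: str
    role: str
    logged_in: bool
    accepted_legal: bool


# Hypothetical allowlist of audit fields. Prompt, output and source bodies
# are deliberately absent, so they can never reach an audit record.
AUDIT_FIELDS = frozenset({"event", "actor", "skill", "org", "outcome", "reason"})


def audit_event(**fields) -> dict:
    """Keep only allowlisted fields; any body passed in is dropped."""
    return {k: v for k, v in fields.items() if k in AUDIT_FIELDS}


def authorize_run(member, skill, org_members, role_permissions):
    """Pre-execution checks in the order the page lists them.
    Returns (allowed, reason); the first failing check names the reason."""
    checks = [
        (member.logged_in, "login"),
        (member.accepted_legal, "legal_gate"),
        (member.id in org_members.get(skill.org, set()), "membership"),
        ("run_skill" in role_permissions.get(member.role, set()), "role_permission"),
        (member.id in skill.acl, "skill_acl"),
    ]
    for ok, name in checks:
        if not ok:
            return False, name
    return True, "all_checks_passed"


def authorize_source_sync(member, skill, role_permissions):
    """Source access is decided separately from run access: server-hosted
    Skills never deliver source, and public-source Skills still need the role."""
    if skill.delivery_mode is DeliveryMode.SERVER_HOSTED:
        return False, "server_hosted_mode"
    if "sync_source" not in role_permissions.get(member.role, set()):
        return False, "role_permission"
    return True, "delivery_permitted"


def run_skill(member, skill, prompt, org_members, role_permissions, audit_log):
    """Gate a run and append an audit record that excludes the prompt body."""
    allowed, reason = authorize_run(member, skill, org_members, role_permissions)
    audit_log.append(audit_event(
        event="mcp_skill_run", actor=member.id, skill=skill.name, org=skill.org,
        outcome="allowed" if allowed else "denied", reason=reason,
        prompt=prompt,  # supplied, but filtered out by the allowlist
    ))
    return allowed


def demo():
    """Constructed sample data: one org, two members, one server-hosted Skill."""
    org_members = {"acme": {"alice", "bob"}}
    role_permissions = {"engineer": {"run_skill"}, "owner": {"run_skill", "sync_source"}}
    skill = Skill("release-notes", "acme", DeliveryMode.SERVER_HOSTED, frozenset({"alice"}))
    alice = Member("alice", "owner", logged_in=True, accepted_legal=True)
    bob = Member("bob", "engineer", logged_in=True, accepted_legal=True)
    log = []
    run_skill(alice, skill, "Summarize the changelog", org_members, role_permissions, log)
    run_skill(bob, skill, "Summarize the changelog", org_members, role_permissions, log)
    source = authorize_source_sync(alice, skill, role_permissions)
    return log, source


if __name__ == "__main__":
    for record in demo()[0]:
        print(record)
```

The point a reviewer can verify from this model: a denied run still produces a record naming the failing check, an owner with sync rights still cannot pull source from a server-hosted Skill, and no record ever carries a prompt field regardless of what the caller passed in.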

Best fit

For teams with many AI clients and one governance problem

Invokora is strongest when a team already has shared prompts, SOPs, tools, and MCP clients, but needs one place to control source delivery and review access.

  • Platform teams rolling out MCP clients across developers or operators.
  • Security teams reviewing source exposure, audit, and local client boundaries.
  • Engineering teams sharing reusable Skills without copying every source bundle locally.

Limits

No single-client or absolute-safety claim

Clear limits keep the page useful for real security review.

  • Invokora does not claim every third-party MCP host has identical local safeguards.
  • Invokora does not promise to block every prompt injection, jailbreak, or tool misuse.
  • Broad local tools, secrets, and filesystem access still need client-side review.

Resources

Review the MCP Skill rollout checklist

Use the resources hub to compare delivery modes, client rollout controls, and organization Skill governance.