Gateway CLI

The Interven Gateway CLI is the fastest way to protect your agent's tool calls. One command, instant proxy with a live dashboard.

Quick Start

npx @interven/gateway --api-key iv_live_YOUR_KEY

The gateway starts on http://localhost:4100 with a built-in dashboard.

How It Works

Agent → localhost:4100/proxy/<upstream-url> → Interven Cloud → Decision → Forward or Block

Your agent sends HTTP requests through the local proxy instead of directly to upstream APIs. Each request is scanned by Interven's policy and risk engine. The proxy then forwards allowed requests, blocks denied ones, and redacts sensitive data from sanitized requests.

Route tool calls through the proxy

Prefix your upstream URL with http://localhost:4100/proxy/:

import requests

# Direct call (unprotected):
# requests.post("https://api.github.com/repos/org/repo/pulls", json={...})

# Through Interven (protected):
response = requests.post(
    "http://localhost:4100/proxy/https://api.github.com/repos/org/repo/pulls",
    json={"title": "My PR", "head": "feature", "base": "main"},
    headers={"Authorization": "Bearer ghp_..."}
)

// TypeScript
const res = await fetch(
  'http://localhost:4100/proxy/https://api.github.com/repos/org/repo/pulls',
  {
    method: 'POST',
    headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ghp_...' },
    body: JSON.stringify({ title: 'My PR', head: 'feature', base: 'main' }),
  }
);

Monitor Mode

Start in monitor mode to log every decision without blocking anything — ideal for evaluating Interven before enforcing:

npx @interven/gateway --api-key iv_live_YOUR_KEY --mode monitor

All requests are forwarded regardless of the scan result. The dashboard and terminal logs show what would have been blocked.

Options

Dashboard

Open http://localhost:4100 for a live view of scan stats and recent decisions with risk scores, tool names, and reason codes.

Decisions

The proxy handles all four decisions:

When to use the CLI vs the SDK