How to add human approval to MCP tool calls — no code changes

MCP servers do what agents tell them. There's no policy check between "the agent decided to run this query" and "the query executed." If you're running MCP servers in production, every tool call goes straight through. We built sidclaw-mcp-guard to fix that. It's a CLI that wraps any MCP server with policy-based guardrails. YAML rules, local approval dashboard, audit trail. No signup, no SaaS dependency. Apache 2.0. Here's what it looks like. 30-second demo npx sidclaw-mcp-guard@latest demo Output: ALLOW SELECT * FROM users Allowed : read query on users . Read - only queries are safe . HOLD DELETE FROM users WHERE id = 42 Held for approval : delete from users . Data changes need approval . BLOCK DROP TABLE users Blocked : drop users . Schema changes are never allowed . Three decisions. Safe reads pass through. Writes wait for a human. Destructive DDL gets blocked outright. It catches compound statements too. SELECT 1; DROP TABLE users doesn't sneak through as a read -- the destructive p