Give a whole company one shared, secure way to use MCP-connected AI tools.
Stop AI agents from leaking private company data through prompt injection attacks.
Track and cap AI spending across teams and automatically switch to cheaper models.
Share internally built or third-party MCP servers through a private registry.
| archestra-ai/archestra | pair-code/lit | adrianhajdin/portfolio | |
|---|---|---|---|
| Stars | 3,653 | 3,653 | 3,652 |
| Language | TypeScript | TypeScript | TypeScript |
| Setup difficulty | hard | moderate | easy |
| Complexity | 4/5 | 3/5 | 2/5 |
| Audience | ops devops | researcher | vibe coder |
Figures from each repo's GitHub metadata at analysis time.
Requires Docker plus Postgres and app data volumes, and Kubernetes for production orchestration.
Archestra is a platform for companies that want to roll out AI tools safely across their whole organization. Its focus is the Model Context Protocol, or MCP, a standard that lets AI models connect to outside tools and data. Archestra takes MCP servers that would otherwise run on individual employees' machines and moves them to a central, managed location, so IT and security teams can see and control what is happening. For platform and security teams, it offers a way to manage which tools can access which data and credentials, and to reduce the risk of AI systems leaking sensitive information. This matters because AI models connected to outside tools can be tricked by hidden instructions embedded in content they read, a problem known as prompt injection, which can cause a model to hand over private data without anyone asking it to. Archestra addresses this with isolated sub-agents that handle risky tool responses separately from the main AI, plus built-in guardrails meant to stop this kind of data exfiltration in a more reliable way than simply hoping the model behaves. For developers, Archestra provides a private registry so teams can share both self-built and third-party MCP servers internally, along with a Kubernetes-native orchestrator that manages how these servers run, including their state, API keys, and OAuth logins. It also includes a built-in knowledge base for retrieval-augmented generation, meaning teams can search their own documents without setting up a separate vector database. For management, the pitch is one-click adoption across technical and non-technical staff, plus cost monitoring: tracking AI spending per team or per project, and automatically switching to cheaper models for simpler tasks to cut costs. The project ships as a Docker container and includes a Terraform provider and Helm chart for production deployment. It is written mostly in TypeScript. The README claims sub-50-millisecond response latency at the 95th percentile and includes a demo showing the security engine blocking an attempted data leak between a private and public repository.
Archestra is a centralized platform that lets companies safely deploy, manage, and secure AI tools that connect to outside data using the MCP standard.
Mainly TypeScript. The stack also includes TypeScript, Docker, Kubernetes.
The README references a license badge but does not state the terms directly.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.