Runtime authorization for the agents developers actually use.

Kontext builds runtime authorization infrastructure for AI agents, helping teams enforce least privilege, issue scoped credentials, and audit every tool call.

Kontext helps teams see, understand, and control what AI agents do when they run commands, edit files, call APIs, use MCP tools, or request credentials. The product starts locally for developers and extends into team-managed governance when security, platform, and compliance teams need shared controls.

Why we exist

AI agents now run shell commands, change code, open pull requests, and connect to production-adjacent systems. Traditional access control answers whether a user or service has permission in general. Agentic workflows need a narrower question: should this specific agent action be allowed right now?

Kontext is built around that runtime question. It evaluates the user, agent session, tool, resource, intent, credential request, policy, and risk signal at the point of action, then records the decision in a trace humans can understand.

Operating principles

  • Runtime decisions should be based on the action an agent is about to take, not only on a role assigned earlier.
  • Credentials should be issued just in time, scoped to the session and task, and kept out of agent config files.
  • Security teams should be able to review who acted, which agent ran, what tool was called, and why access was allowed or denied.

Focus areas

  • Local-first policy checks for AI coding agents
  • Scoped credentials for provider and MCP tool access
  • Readable audit trails for autonomous tool use
  • Compliance-ready evidence for agent decisions

Company

Kontext is built by Cobrowser Technology GmbH in Munich, Germany, with a team focused on developer tools, identity, agent security, and production-grade authorization systems.

For legal company details, registration information, and statutory contact information, see the imprint. General contact: hello [at] kontext.security.