Show HN: Wombat, a Unix-style rwxd permissions for MCP tool calls(github.com)
github.com
Show HN: Wombat, a Unix-style rwxd permissions for MCP tool calls
https://github.com/usewombat/gateway
1 comments
Interesting implementation. We have had better reliability by treating tool access as a capability-routing layer: request by task, not fixed provider, with explicit cost/latency constraints and runtime trust state (verified, reachable, failed). It keeps orchestration logic out of agent code and makes fallback behavior auditable.
Every file on a Unix system has rwx permissions. Every process has a user. We have that for decades. Agents in 2026 are running with the same access level as the developer who run them.
Wombat applies the Unix model to MCP tool calls. You declare rwxd permissions on resources in a manifest. The same push_files tool is allowed on feature branches and denied on main. It is a proxy that sits between Claude Code and your MCP servers. It checks permissions.json on every call, and either forwards or denies.
Zero ML, fully deterministic, audit log included, Plugin system for community MCP servers
GitHub: https://github.com/usewombat/gateway npm: npx @usewombat/gateway --help