Dieter_be —
when using archestra, (e.g. in the archestra-openclaw example docker setup), do you always get the dual-llm-injection-prevention out of the box for every single request?
#general
Hello everyone 👋
I see the roles/persmissions are defined at the archestra dashboard level, over what an user is able and not able to do. Is there a way, I can get it more workflow levels, for example, APIs for disabling access for a user to A2A Gateway or MCP Gateway or LLM Gateway?
hey looking to join a team, ping me
Hi team! :rotating_light:
Quick question about MCP Gateway tool policies:
I've set
agent-mesh-tools__docker_status to *"Blocked"* in the Tool Policies page, but when I call it through the MCP Gateway, it still executes successfully.*Setup:*
• Gateway:
dac6e444-f791-423b-b724-4df4edae8182• Profile: Default Profile
• Using Authorization Bearer token
• Endpoint:
localhost:9000/v1/mcp/{gateway-id}*Expected:* Policy violation error
*Actual:* Tool runs normally
Is there an additional step needed to enforce policies? Or should policies only apply to LLM Proxy calls, not direct MCP client calls?
Screenshots attached showing the blocked status in UI.
Thanks!
2fast2mcp submission channel?
will all participants get certificates?
Can anyone tell what exactly to build in the #2Fast2MCP hackathon?
@user
when using archestra, (e.g. in the archestra-openclaw example docker setup), do you always get the dual-llm-injection-prevention out of the box for every single request?
Hello everyone! Im finding my way around Archestra, its the first time Im using a tool like this. I wanted to install a Google Workspace MCP server, but I'm facing some issues. Is it supported?
I see MCP servers have recommended protocol of OAuth2.1. But if I were to try adding it to Archestra set up using Add MCP Server to the Private Registry, and select OAuth2.0; will the auth work as usual?
Hi everyone !
I'm a beginner in AI but strong in MERN full stack
Looking for teammates & simple project ideas.
Excited to learn
when you run the archestra/platform docker container, it seems to auto-start another container, kindest/node:v1.35.0, for the mcp control plane. this is an "interesting" pattern. i prefer having all my containers defined in docker-compose
New release! 🚀🚀🚀
1.0.42 (2026-02-10)
Features
Bug Fixes
- cleanup stale sessions and fix catalog config comparison (#2701) (952f431)
- detect "session not found" and retry with fresh session (#2703) (7d9eee6)
- detect stale session with ping (#2705) (7379620)
- revert organization logo preview when upload fails (#2680) (34e61d6)
Miscellaneous Chores
Hi team — quick question about A2A agents.
I’m calling an agent via A2A (
/v1/a2a/{agentId}) and the request reaches the agent, but execution fails with:“LLM Provider API key not configured. Please configure it in Chat Settings.”
I already added an API key in Chat Settings and MCP tools are working fine.
Do A2A agents require a separate provider/model binding in the Agent config itself?
Thanks 👍
Hello @everyone, this is Oswald. I’m currently an undergraduate student, but I already have some experience working with a Simple MCP Server.
I would really appreciate some guidance on how to get started here, because many of the terms being used feel quite technical to me.
👋 Hi everyone, I’m Tushar. Looking forward to hacking together and learning from you all. Great to meet the community!
:halo_wave:1
Hi everyone, I’m Rahul . Looking forward to hacking together and learning from you all. Great to meet the community!
Can we use an model that we have downloaded locally with ollama
and if yes, then can you guide me
Hello! I am trying to chat with my LLM, but it tells me "LLM Provider API key not configured. Please configure it in Chat Settings".
I have already configured a Mistral API key in the settings but it still throws me this error.
I checked the logs and it looks like its using Anthropic API by default. Is there a way to fix this?
Hi archestra team, Archestra Docker quickstart fails on Windows with 'failed to create KinD cluster, kubelet not running'. Any workaround?
Hello everyone,👋
Myself Harsh, a first-year undergraduate student.
I’m excited to participate in this hackathon and collaborate with the community.
I’m open to joining a team and eager to learn, contribute, and grow through this experience.
Looking forward to working with you all.
Read-only live mirror of Archestra.AI Slack
👋Join the discussion withAI enthusiasts!when using archestra, (e.g. in the archestra-openclaw example docker setup), do you always get the dual-llm-injection-prevention out of the box for every single request?
4 replies
The dual LLM is configured separately depending on the use case. Regular static policies are applied by default
so how does it block injections out of the box?
Joey had a write-up with some details how to lock it down
short answer - you can configure individual tool policies to use the dual-llm approach, it's not enabled for all tools out of the box.
longer answer 👇
This is relevant when the LLM has used the given tool, and Archestra is determining whether or not the results of that tool usage have now exposed the LLM to "untrusted data" (aka tool result policies) - the context being trusted/untrusted has an impact on subsequent tool-calls
You have a few options:
• blanket rules - results for the tool are always trusted (or untrusted)
• deterministic rules - in the example of
gmail_getEmails the rule could be something like if contains(data[*].from, "@archestra.ai") then "trusted" (pseudo-rule; see screenshot)• dual-llm (there's a good explanation here on the details of how this works)