Open Source · MIT · v0.8.0

The operating layer
for the agentic web.

See everything your agents are doing. Monetize tool usage. Prove every decision back to the human who authorized it.

Extracted from production — 221 MCP tools across 26 practices at businys.app.

Quick start

npm install @businys/ops

import { observe } from "@businys/ops"

const ops = await observe()
// Dashboard: http://localhost:3100

// Wire into your MCP server pipeline
server.use(ops.middleware)

That's it. A local dashboard opens at localhost:3100. Every tool call is now visible in real time. No account required.

OBSERVER MODE

Your agents, in real time

One line of code. No account. Every tool call your agents make — visible instantly.

Total calls
0
Error rate
0.0%
Avg latency
0ms
Tool call feedLive
Starting…

Three problems. One library.

Observer Mode

See everything.

One line of code. No account. A local dashboard that shows every tool call your agents make — name, agent ID, latency, status, error traces. The gap between "my agent did something" and knowing exactly what closes in 60 seconds.

Real-time feedAgent reputationLoop detectionSSE dashboard

MCP Revenue

Monetize anything.

Per-call billing instrumentation, credit wallets, Stripe Connect integration. The same problem Stripe solved for card payments in 2010, appearing in the AI layer in 2026. One config block replaces 4–8 weeks of billing engineering.

Per-call pricingCredit walletsStripe Connect0.5% take rate

Agent Lineage

Trust completely.

A causal graph that traces every tool call back to the originating human intent — through every agent delegation, with cryptographic integrity. Built for the EU AI Act, SOC 2 auditors, and the next generation of multi-agent workflows.

Causal DAGEU AI ActA2A tracingCryptographic proof

Batteries included

Full middleware pipeline.
Zero configuration.

createMCPProxy assembles the full pipeline in the correct order. Disable anything. Add OTel tracing, Agent Lineage, or your own middleware.

Lineage — Causal DAG from human prompt to every tool call

OpenTelemetry — Spans + attributes — bring your own Tracer

Reputation — Score-based throttling + loop detection

Rate Limiting — Per-agent, per-group, sliding window

Confirmation — Destructive actions require explicit confirm

Metering — Every call recorded with cost attribution

Audit Log — Append-only structured JSON to stderr

import { createMCPProxy, MemoryLineageStore } from "@businys/ops"

const proxy = createMCPProxy({
  rateLimit: { globalMax: 1000, windowMs: 3_600_000 },
  lineage:   { store: new MemoryLineageStore() },
  // telemetry: { tracer }  // plug in your OTel tracer
})

Production-proven

Not a greenfield build.

Every module in @businys/ops was extracted from the production middleware stack powering businys.app — 221 MCP tools across 26 practices, handling real agent traffic. We run this ourselves, which means every design decision was made under production constraints.

221

MCP tools

26

practices

7

middleware layers

MIT

license

🍁 Infrastructure

Hosted in Canada.

The Businys Dev hosted dashboard runs on Supabase ca-central-1 (Montréal) and Vercel yul1 (Montréal). Your tool call records, agent lineage chains, and audit logs never leave Canadian jurisdiction.

Canada holds an EU adequacy decision — meaning your Canadian-hosted audit data already satisfies GDPR's third-country transfer requirements for EU users. No SCCs. No supplementary measures. One less compliance problem if you're shipping MCP tools to European teams.

PIPEDA

Federal privacy law governing all commercial data. Compliant by default — no cross-border transfers.

Quebec Law 25

No Privacy Impact Assessment required. Data stays in Canada.

GDPR adequacy

Canada's adequacy decision has been in place since 2002. EU data flows to Canada without additional safeguards.

EU AI Act

Your audit log and Agent Lineage data is stored in an EU-adequate jurisdiction. Simplifies Article 10 data governance obligations.

Security

30 CVEs in 60 days. Most MCP servers ship without a security layer.

30 CVEs were filed against MCP implementations in January–February 2026. 82% involve path traversal vulnerabilities — unauthenticated callers reading files outside the intended scope. The root cause is the same every time: no auth, no input validation, no rate limiting between the protocol layer and the tool execution layer. @businys/ops is that middleware layer.

Auth middleware

API key validation with per-key scoped permissions. Blocks unauthenticated callers before any tool runs.

Input validation

Schema enforcement on every tool call. Malformed or out-of-scope inputs are rejected at the middleware layer.

Rate limiting

Per-agent call limits with configurable windows. Prevents runaway loops and resource exhaustion.

Audit log

Every tool call, every result, every identity — immutable record. Know exactly what ran, when, and who authorized it.

Start in one line.

npm install @businys/ops

Read the docs View on GitHub

The operating layerfor the agentic web.