integrations

Mastra

Gate Mastra tools with brin before they fetch pages, clone repos, or install packages

Mastra tools execute inside createTool(), which gives you a deterministic place to run brin before the tool reaches outside your system. Instead of hoping the agent remembers a policy, make the policy part of the tool itself.

##How it works

Put the brin check inside the tool's execute function or inside a shared helper that all external tools call. That keeps package installs, web fetches, repo clones, and MCP setup flows behind the same guardrail.

##Setup

1. Add a shared helper:

TypeScript

type BrinVerdict = "safe" | "caution" | "suspicious" | "dangerous";
 
async function assertBrinAllowed(
  path: string,
  allowed: BrinVerdict[],
): Promise<void> {
  let response: Response;
 
  try {
    response = await fetch(`https://api.brin.sh/${path}`);
  } catch {
    return;
  }
 
  if (!response.ok) {
    return;
  }
 
  const verdict = response.headers.get("x-brin-verdict") as BrinVerdict | null;
  const score = response.headers.get("x-brin-score");
 
  if (verdict && !allowed.includes(verdict)) {
    throw new Error(
      `brin blocked ${path}: verdict=${verdict} score=${score ?? "unknown"}`,
    );
  }
}

2. Call the helper inside tools that touch external context:

TypeScript

import { createTool } from "@mastra/core/tools";
import { z } from "zod";
 
export const browsePage = createTool({
  id: "browse-page",
  description: "Fetch a web page after brin approves it",
  inputSchema: z.object({
    url: z.string().url(),
  }),
  outputSchema: z.object({
    url: z.string().url(),
    body: z.string(),
  }),
  execute: async ({ url }) => {
    const target = new URL(url);
    const pagePath = `page/${target.host}${target.pathname}`;
 
    await assertBrinAllowed(pagePath, ["safe", "caution"]);
 
    const response = await fetch(url);
 
    return {
      url,
      body: await response.text(),
    };
  },
});

##Extending the pattern

Use the same helper anywhere Mastra can reach external context:

package tools: npm/<package>, pypi/<package>, crate/<package>
repo tools: repo/<owner>/<repo>
MCP enable flows: mcp/<owner>/<repo>
skill loaders: skill/<owner>/<repo>

If you already have a shared tool factory, put the brin check there so every new tool gets the same policy automatically.

On this page

Share feedback