Most developers encounter AI through a chat box. They type a message, the model responds, and that is the full extent of the integration. This works for demos. It does not work for enterprise software.
Enterprise AI needs to persist memory across sessions. It needs to validate decisions against governance policies. It needs to generate proposals, pitch decks, and compliance reports on demand. It needs security controls that are enforced at the architecture level — not configured and hoped for.
OdinClaw is the infrastructure layer we built to make this possible.
What OdinClaw Is
OdinClaw is an agentic AI gateway, fully compatible with the OpenAI API. The integration path is two lines: change your base_url and your api_key. Your existing application keeps working, and it immediately gains access to web search, code execution, URL reading, file analysis, and image generation as built-in tools.
But the OpenAI compatibility is just the entry point. What OdinClaw actually provides is a set of capabilities that go considerably further than model access.
The distinction matters because it reflects a broader shift in how enterprises should think about AI integration. A model API gives you text generation. An AI gateway gives you governed, auditable, tool-equipped intelligence that slots into existing application architectures. For European enterprises operating under the EU AI Act — which entered into force in August 2024 and begins phased enforcement through 2026 — this distinction has regulatory weight. Article 14 of the AI Act requires human oversight mechanisms for high-risk AI systems. A raw model API provides none of that. A governed gateway can.
Four MCP Servers, Ready to Install
The Model Context Protocol (MCP) is how AI clients like Claude Desktop, Cursor, and VS Code receive new capabilities. An MCP server is a package you install that exposes tools the AI can call. We have published four:
Brain MCP (@odinlabs-ai/brain-mcp-server) gives the model persistent memory. It exposes four tools: memory query, memory write, memory search, and namespace list. When you install Brain MCP, your AI can write facts to a governed knowledge store and retrieve them in future sessions. This is the difference between an AI that forgets everything when the conversation ends and one that accumulates organizational context over time.
In practice, this means a developer using Claude Desktop can ask "What architectural decisions did we make about the payment service?" and receive a structured answer drawn from BrainDB — not from whatever happens to be in the current conversation window. The memory persists across sessions, across team members, and across tools.
Governance MCP (@odinlabs-ai/governance-mcp-server) brings enterprise decision controls. Four tools: policy validate, compliance check, audit query, decision log. Before the AI commits to a recommendation, it can verify that recommendation against your governance policies. Every decision gets logged. Every audit query returns structured, queryable results.
Consider a scenario where a product manager asks an AI assistant to recommend a third-party vendor for data processing. Without governance controls, the AI produces a recommendation based on general knowledge. With Governance MCP, the AI first checks whether the recommended vendor meets your data residency requirements, your approved vendor list, and your budget thresholds. The compliance check happens before the recommendation reaches the user, not as an afterthought.
Sales MCP (@odinlabs-ai/sales-mcp-server) handles the documents that move deals forward. KYC enrichment, proposal generation, pitch deck creation, and offer generation — all as tool calls. The AI does not just describe what a proposal might contain; it generates the document.
Academy MCP (@odinlabs-ai/academy-mcp-server) enables intelligent learning workflows. Curriculum query, lesson content retrieval, exercise generation, and answer assessment. These tools let you build AI-powered training experiences that understand your actual course content.
All four are published on GitHub Packages under @odinlabs-ai. Install via npm, point your MCP-compatible client at the server, and the tools are available.
How MCP Installation Works in Practice
For teams unfamiliar with MCP, the setup process is straightforward:
- Install the package:
npm install @odinlabs-ai/brain-mcp-server(or whichever server you need) - Configure your client: Add the server to your MCP client configuration (each client has its own config format — Claude Desktop uses
claude_desktop_config.json, Cursor uses its settings panel) - Provide credentials: Set your OdinClaw API key and the endpoint URL for your Odin deployment
- Start using the tools: The AI client automatically discovers available tools and can invoke them during conversations
The key architectural insight is that MCP servers run locally on the developer's machine but connect to your centralized Odin deployment. This means organizational memory, governance policies, and audit trails are shared across the entire team, while each developer's AI client configuration remains independent.
Security That Runs Before the Model
Security in most AI integrations is an afterthought. You add a content filter after you realize you need one, configure rate limits after your first abuse incident, and add logging after your first compliance inquiry.
OdinClaw inverts this. Security runs before the model sees any request.
Dual verification means every incoming request passes through two independent harnesses. The gateway checks API keys, rate limits, and request structure. The governance layer validates the request against configured policies. Both must pass. This dual-layer approach follows the principle of defense in depth — a concept well established in information security and recommended by ENISA (the European Union Agency for Cybersecurity) for critical infrastructure.
The classification engine runs 14 detection patterns across 4 severity levels. It evaluates content for sensitive information before it leaves your system — before it reaches the model, before it reaches any external API. The classification happens at the gateway, not as a post-processing step.
What does this mean concretely? If an employee pastes a customer's personal data into a prompt, the classification engine detects PII patterns (email addresses, phone numbers, national ID formats) and can block the request before it ever reaches the LLM provider. Under GDPR Article 5(1)(f), organizations must ensure "appropriate security of the personal data." Sending unredacted PII to a third-party model endpoint without contractual safeguards is a compliance risk. OdinClaw's pre-model classification addresses this at the architecture level.
The kill switch is exactly what it sounds like. If a specific capability — LLM access, code generation, web fetch — needs to be disabled for a specific API key or target, you disable it. Instantly. The change is logged to the audit chain.
The audit chain uses SHA-256 hashing to create tamper-evident logs of every interaction. This is not a database table that can be quietly edited. The chain structure means any modification to a past record breaks the chain's integrity, making tampering detectable. For organizations that need to demonstrate AI usage accountability to regulators or auditors, this provides a verifiable record of every AI interaction that passed through your infrastructure.
This security architecture lives in openclaw-integration/src/security/. It is not a marketing claim — it is running code. For a deeper look at how governance and security intersect across the Odin platform, see our AI governance framework for enterprises.
Agent Protocol: Orchestration via REST
The five agentic tools (web search, code execution, URL reader, file upload, image generation) are available to any model automatically. But sometimes you need to invoke a specific capability programmatically, from application code, not from a model conversation.
Agent Protocol exposes five service capabilities at /ap/v1/*:
code-review— structured analysis of pull requests and code changesdocument-generation— proposal, report, and content creationknowledge-query— semantic search across organizational memorytraining-content— curriculum and lesson material retrievalcompliance-check— policy validation against governance rules
The interface is a standard REST POST:
POST /ap/v1/agent/tasks
{
"capability": "code-review",
"target": "https://github.com/org/repo/pull/42",
"options": {
"model": "claude-sonnet-4-6",
"include_suggestions": true
}
}
No SDK required. No special client library. If you can make an HTTP request, you can call the Agent Protocol.
Practical Integration Patterns
Agent Protocol becomes particularly powerful when integrated into existing CI/CD pipelines and business workflows. Here are three concrete patterns:
Automated PR Review Pipeline: Your CI system triggers a code-review task on every pull request. The review runs against your organizational coding standards (stored in BrainDB), checks for architectural violations, and posts structured feedback directly to the PR. This is not a generic linter — it understands your project's specific constraints and decisions.
Compliance-Gated Document Workflow: A sales representative drafts a proposal through your CRM. Before the proposal is sent, your backend calls document-generation to produce the formatted document, then immediately calls compliance-check to validate it against current legal and regulatory constraints. The representative sees either an approved document or a list of specific issues to resolve.
Knowledge-Enriched Onboarding: Your HR system triggers knowledge-query and training-content tasks when a new employee joins. The system assembles a personalized onboarding package that includes relevant architectural decisions, team-specific processes, and training materials — all drawn from your organization's actual accumulated knowledge, not generic onboarding templates.
B2B Self-Serve Onboarding
The self-serve path is intentional. We are not interested in enterprise sales cycles that require three calls, a legal review, and a 90-day evaluation period before you can write a line of code.
Sign up at app.claw.odin-labs.ai. Your API key is ready immediately. The free tier includes 100K tokens — enough to build a working integration and understand whether OdinClaw fits your needs. No credit card required.
When you are ready to scale, the upgrade path is straightforward: Starter at EUR 9/month for 1M tokens, Pro at EUR 29/month for 5M tokens, Scale at EUR 99/month for 25M tokens. All plans include all models and all agentic tools. Token overages bill at transparent per-token rates. See the full breakdown on our pricing page.
For organizations that need to run the gateway on their own infrastructure — a common requirement for European enterprises handling sensitive data — OdinClaw supports on-premise deployment. The same gateway, the same MCP servers, the same Agent Protocol, running inside your own network perimeter. See how to deploy AI on your own infrastructure for the technical details.
What This Enables
The combination of OpenAI compatibility, MCP servers, dual-harness security, and Agent Protocol REST endpoints means you can build things that are not possible with a standard model API:
An application that remembers what it learned in previous sessions, checks its decisions against governance policies, and logs every action to a tamper-evident audit chain. A sales workflow that enriches prospect data, generates a customized pitch deck, and routes the result through a compliance check — all in a single agentic loop. A training system that queries existing curriculum, generates exercises calibrated to the learner's progress, and assesses answers against structured rubrics.
These capabilities are what the four MCP servers are built for. The governance and audit capabilities behind OdinClaw are the same ones described in our AI governance framework for enterprises. For organizations evaluating whether to keep AI data on their own servers, we cover the trade-offs in detail in on-premise AI vs cloud AI: a comparison for 2026.
Getting Started
The API base URL is api.claw.odin-labs.ai/v1. Your API key starts with oc_live_. Every major OpenAI SDK works without modification.
For MCP integration, install the relevant server package via npm and configure your client. For Agent Protocol, make HTTP POST requests to /ap/v1/agent/tasks with your API key in the Authorization header.
The documentation is available at app.claw.odin-labs.ai. The free tier starts immediately.
If you want to see OdinClaw in context — how the gateway connects to BrainDB, the hub architecture, and the broader Odin platform — request a demo and we will walk through your specific integration scenario.
Questions about OdinClaw for your specific use case? Get in touch — we respond to technical inquiries directly.