Static-registry API-key resolution with constant-time digest match — zero external backend.

HTTP Basic auth with argon2 + bcrypt password hashing and htpasswd migration.

mTLS identity via header injection from upstream TLS termination.

OIDC/OAuth with SSRF guard, JWKS refresh circuit breaker, multi-provider support.

SPIFFE X.509 + JWT-SVID with SPIRE Workload API streaming and hot-reload.

AWS Cedar engine, in-process sub-millisecond eval, hot-reload + @advice / @redact annotations.

OPA in remote (REST) or embedded WASM mode via opa build.

Casbin RBAC/ABAC with explain-deny support and incremental edits.

HTTP webhook callouts with CEL triggers — content scanning, PDP, approval workflows.

CIDR-based client IP filtering with glob pattern matching.

Human approval gate via Slack interactive messages before sensitive tool calls.

Per-tool failure tracking with open/half-open/closed states.

Per-identity / per-tool / per-session throttling with glob matching.

Per-tool TTL cache with identity scoping and eviction.

Structured audit events, pluggable sinks, automatic credential redaction.

Tool-call request/response logging with sampling and redaction.

WASM Component Model transform — masks PII fields (SSN, card, password) pre + post dispatch.

Fire-and-forget HTTP POST for tool-call lifecycle events.

PostgreSQL / MySQL / SQLite via sqlx — parameterized queries, RLS, transactions, driver-level cancel.

Kafka request/reply dispatch + topic resource watches with OIDC auth.

NATS request/reply + Core subject watches with queue-group load balancing.

Machine Payment Protocol — HMAC-bound challenges and USDC charge model.

Coinbase x402 crypto micropayments (HTTP 402 Payment Required).

Universal Commerce Protocol with merchant discovery.

Agentic Commerce Protocol with merchant API callouts.

Config-driven static credentials (API keys, tokens, passwords).

HashiCorp Vault dynamic DB credentials with lease-tracked auto-rotation.

Distributed session/task/pipeline storage + delivery bus via Redis hash + pub/sub.

Distributed storage via NATS JetStream KV + Core pub/sub.

Redis-backed cache (responses, JWKS, rate-limit counters) with atomic Lua scripts.

Vault KV v2 secret resolution (vault://) with lease auto-renewal and native watch.

Cluster coordination via Consul: peer discovery, events, sessions, KV CAS, long-poll watches.

Cluster coordination via etcd v3 gRPC: KV, native Watch, leases, auto-compaction.

Cluster coordination via NATS JetStream: KV leases, fencing, heartbeat presence, CAS leadership.

Built-in MCP catalog provider with operator-defined schema.

Reference native Rust plugin — minimal canonical example.

WASM tool-gate harness for plugin authors.