Use cases
Plugging every MCP server into an agent hands it hundreds of tools it will never use — and pays for them on every turn. Hodor exposes only what the job needs, with policies on top.
01 · Reduce attack surface
A tool an agent can see is a tool it can call — by mistake, through a poisoned input, or an over-eager plan. Hodor scopes each agent to the handful of tools its job needs, and constrains how those can be used.
“Blast radius measures the potential damage if something goes wrong.”
Reads the error, inspects the deploy that shipped it, traces it through the code, and files the fix.
122
tools if you plug every MCP
8
exposed via Hodor
Policies Hodor adds
Pulls revenue and product data across the stack, joins it, and answers questions — without write access to any of it.
112
tools if you plug every MCP
9
exposed via Hodor
Policies Hodor adds
Looks up the customer, checks their billing, drafts the reply, and books the follow-up — scoped to the ticket in hand.
106
tools if you plug every MCP
10
exposed via Hodor
Policies Hodor adds
02 · Tool token optimisation
Every tool an agent is offered ships its full definition into the prompt. Cut the catalog from hundreds of tools to the few it needs and the savings compound across the run — fewer tool tokens, less context, lower cost.
| Model | Tools | Tool tokens | Cost / run | Time to first token |
|---|---|---|---|---|
| claude-opus-4-8 | −87% | −70% | −61% | −12% |
| mistral-large-latest | −87% | −71% | −53% | −3% |
| gpt-5.5 | −87% | −66% | −15% | −12% |
Test ran across multiple use cases on Notion, Linear, Sentry, GitHub and 14 other MCP servers.
03 · Free up context
Tool definitions aren't sent once. They ride in the prompt on every single turn between your harness and the model — local or server-side. A bloated catalog burns context window the agent never uses, on every loop step, pushing out the room it actually needs for the task.
Scope the tools and that weight disappears for the whole run — up to 60% less context spent on tooling in our tests.
Context window, per turn
room left for the actual task
04 · Hide personal identifiers from AI
Hodor runs a model that detects and redacts personal identifiers in the data tools return — built on OpenAI's privacy model and hosted on our own French infrastructure (Koyeb × Mistral). It can also run inside your own VPC, so sensitive data never leaves your perimeter.
Detects and redacts
Names, emails, URLs, secrets, and any other PII — stripped from tool responses before the agent or model ever sees them.
Your perimeter, your choice
Runs on our French servers by default, or deploy the redaction model inside your own VPC. Sensitive data stays where you decide.
Redact or tokenize
Tokenize instead of redact, so you can still run analysis and cross-reference anonymized data without ever exposing the real values.
Bring an agent you're about to ship. We'll scope it live and show you the before and after.
