For teams shipping agents
Build agents with Wire
Stop rebuilding the context layer. Wire ships it once. Your users bring their own content. Your agent inherits it on connect.
What every agent team ends up needing
Six pieces, every time
Every agent team builds the same plumbing before they get to build the actual product. Permissioned. Scoped. Sourced from systems of record. Synced as those sources change. Wire is the plumbing, built once, so the team can spend their time on the agent.
Ingest
Get context into a shape your agent can read directly, without converting it inside the context window every session. Wire parses uploaded files, sources, and entries into a queryable graph in the background.
Scope
Separate context per project, per customer, per session, per agent. Each context container is its own scope with its own MCP endpoint and credential. Your agent only ever sees what the task needs.
Permission
Decide which agents and humans can read or write each scope. Wire owns the RBAC and the per-credential tool scoping, so you stop relying on "the source-system permissions still apply" once an agent is in the loop.
Retrieve
Get the right slice back in agent-friendly form, across corpuses too large for any context window. Five standard MCP tools (explore, search, navigate, write, delete) work on every context container from day one.
Sync
When the system of record changes, your agent reads the new version. Wire keeps sources in sync. No versioning logic in the agent, no stale snapshots, no rebuild scripts.
Audit
Every action is logged with the agent identity and the user that authorized it. Ready for the security review that will eventually arrive, by default, with no extra work from you.
Privacy and security
Privacy is a substrate property
Before an agent touches production data, a CISO or an auditor asks four questions. Wire's answers are properties of the substrate, not controls your code has to bolt on top.
What can it access?
Isolated
Every context container has its own storage and MCP endpoint. Containers do not share state. Credentials are scoped per container, and none of them escalate to other containers, other users, or org-wide access. The answer is the container boundary itself.
Who authorized it?
Permissioned
Each container has its own policies. Credentials are scoped per container, with a per-credential tool allowlist on top. Your agent only ever sees the tools you granted, on the container the credential scopes to. Access exists because someone granted it, and the grant is on record.
Can you prove it?
Auditable
Two layers are on the record: every action an agent takes through a scoped credential, and every management change (creation, sharing, archival, member changes). What was done, when, on whose authority. Compliance evidence, incident response, and customer-facing transparency come from the same trail.
Can you revoke it?
Revocable
Revoke a credential and access ends, without redeploying the agent or touching anything else. Sharing is explicit and per container, so anything that was granted can be ungranted, one agent at a time or all at once.
Need self-deployment, region pinning, or a custom DPA? Talk to us.
Built on the Wire SDK
wire-memory
We built one too. wire-memory is an open-source plugin that gives AI coding agents persistent memory through a Wire context container. Same SDK, same primitives, same path you would take.
An open-source memory plugin for Claude Code, Codex, and Cursor. It gives coding agents persistent memory across sessions through a Wire context container. The connect flow, the storage shape, the retrieval pattern are all the same ones your agent will use. We use it ourselves every day, and the install is three minutes.
How it works
Two primitives, three methods
Context containers hold queryable context. Agents are registered identities that authenticate, operate within a scope, and are attributed in audit. The SDK connects an agent to a container.
Methods
connect opens the consent flow and returns a scoped MCP URL plus an API key for one context container. getStatus reads the live connection. disconnect revokes the credential.
Stateless and portable
The SDK persists nothing; you keep whatever you want from the Connection. Runs on Node 18+, Cloudflare Workers, Deno, and Bun. Light dependencies, Web Crypto under the hood.
// Install
$ npm install @usewire/sdk
// Connect
import { WireClient } from '@usewire/sdk';
const client = new WireClient({ agentId: 'my-agent' });
// Shows a short code, opens the user's browser,
// resolves once they pick a context container.
const connection = await client.connect();
// Hand to your agent's MCP client:
connection.mcpUrl;
connection.apiKey;
connection.containerId; Skip the plumbing
We can walk you through the SDK, the concepts, and the shape of context container ownership that fits your product. Bring a use case and we will sketch it on the call.