Search for a command to run...
The proliferation of tool-augmented large language models (LLMs) has introduced a class of access control problems for which existing primitives are structurally inadequate. Current mechanisms — OAuth 2.0, role-based access control (RBAC), API gateway policies, and protocol-level scope management — operate at the invocation level: they prevent an authenticated agent from executing a tool call. We identify a distinct and previously uncharacterized access control primitive that we term discovery-gating, which operates at the existence level: it prevents an AI agent from learning that a tool exists. We formalize the distinction between invocation-gating and discovery-gating, demonstrate that the two primitives produce fundamentally different security and efficiency properties, and present Soul Gate, a concrete state machine implementation of discovery-gating for the Model Context Protocol (MCP). Soul Gate intercepts tool-definition discovery requests at a transparent proxy layer and withholds tool schemas until a stateful identity handshake has been completed. We further describe three complementary mechanisms: a tiered identity delivery protocol, a semantic density negotiation protocol, and a continuity membrane enabling cross-session identity persistence. A cross-platform audit of Anthropic, OpenAI, and Google AI tool systems confirms that no existing platform implements discovery-gating. Patent Support: Patent 7 — Delivery Protocol (18 claims, 5 independent). USPTO App# 64/022,465, filed March 30, 2026.