AI Agent Securityfor AI Developers

AgentGuard helps teams identify risky behaviors, scan agent-related code, tools, and components,and provide security protection before high-risk actions are executed across Claude Code, Codex, Cursor, MCP servers, and other AI development environments.

One-lineChoose your terminal platform
$curl -fsSL https://agentguard.gopluslabs.io/install.sh | bash
For macOS / Linux: installs the OSS CLI and connects local-first runtime protection.·View onGitHub
10,000+
Actions Evaluated
500+
Threats Blocked
6
Policy Rules
<50ms
Avg Decision Time
Why AgentGuard

Why AI Agent Security Matters

AI agents no longer just generate answers. They install Skills, connect to MCP servers, call tools, and execute real actions. As agents gain execution capabilities, security risks move beyond content generation and into runtime behavior.

AI Agents Can Execute Real Actions

AI agents can access files, execute commands, call APIs, and automate workflows. When agents can act, mistakes become consequences.

Skills, Plugins & MCP Servers Introduce Supply-Chain Risk

Third-party Skills, Plugins, and MCP servers may introduce new code, permissions, dependencies, and external resources. As agent ecosystems grow, supply-chain risk grows with them. AgentGuard helps teams perform local scans on agent-related code and components and identify potential risks with threat intelligence.

Prompt Injection Can Influence Tool Behavior

Malicious prompts can influence agent decisions and change how tools are used. The risk becomes real when prompts begin to affect execution.

Static Scanning Is Not Enough

Prompts, tools, permissions, and runtime environments continue to change. AgentGuard helps evaluate observable high-risk actions before execution, and can block them or require user confirmation based on policy.

AI Agents Need a
Guardrail Before
Every Risky Action

Agents can run shell commands, read secrets, call tools, and deploy changes faster than teams can review them. Static scanning helps, but runtime control is where policy becomes enforcement.

!Runtime Threat Landscape
~900
Unreviewed Tool Calls

Shell commands, MCP tools, and browser actions can create production impact in seconds.

283
Secret Access

Agents frequently touch .env files, cloud credentials, private keys, and deployment tokens.

135K+
Missing Audit Trails

Teams need to know which agent attempted what, from which session, and why it was allowed.

3
Supply-chain risk

Skills, plugins, and MCP servers still need scanning before they enter the runtime.

How AgentGuard Works

Three Layers of Protection for AI Agents

Runtime protection, deep security analysis, and continuous monitoring.

Runtime Guard

Runtime Security for AI Agents

Stop risky actions before they run.

Protected Actions
  • Shell Commands
  • File Access
  • Tool Actions
  • Network Requests
  • Secret Access
  • Sensitive Writes
  • Webhook Exfiltration

Deep Scan

Analyze Agent Code and Components

Scan agent-related code and components.

Scanned Components
  • Skills
  • Plugins
  • MCP Server Code
  • Packages
  • Agent Runtime Code
  • 6 Detection Categories
  • 24 Security Rules

OpenClaw Environment Patrol

Continuous Security Monitoring

Detect security drift automatically.

Continuous Checks
  • Skill Integrity
  • Secrets Exposure
  • Network Exposure
  • Cron & Scheduled Tasks
  • File System Changes
  • Audit Log Analysis
  • Environment & Configuration
  • Trust Registry Health

Security Coverage

Protect AI Agents From

Coverage across runtime behavior, code components, and environment drift.

Covered Risks
  • Prompt Injection
  • Credential Exposure
  • Dangerous Commands
  • Data Exfiltration
  • Permission Abuse
  • Supply Chain Risk
  • MCP Tool Risks
  • Secrets Leakage

6 Security Detectors. One Scan.

Every scan runs all detectors in parallel. No configuration needed.

HIGH
Credential Leak Detection

160+ patterns for API keys, tokens, private keys, database connection strings, and embedded secrets across all major providers.

CRITICAL
Prompt Injection Detection

75+ injection patterns including base64-encoded payloads, zero-width character obfuscation, role hijacking, and system prompt extraction.

CRITICAL
Malicious Command Detection

112+ patterns for remote code execution, reverse shells, encoded payloads, pastebin piping, and supply chain compromise techniques.

HIGH
Data Exfiltration Detection

Detects sensitive path access, HTTP/DNS tunneling, credential harvesting, clipboard scraping, and covert data transfer channels.

MEDIUM
Permission Abuse Analysis

Compares declared vs. needed tool permissions, detects dangerous combinations, privilege escalation, and calculates risk scores.

HIGH
URL Analysis

Malicious domain detection, suspicious TLD analysis, phishing pattern matching, URL shortener tracking, and homograph attack detection.

Three Steps to
Secure Your Agents

Step 1
Connect

Install the OSS guard and connect it to AgentGuard Cloud with an API key.

Step 2
Enforce

Evaluate risky actions against custom policy before shell, file, deploy, or tool execution.

Step 3
Audit

Review approvals and session timelines while keeping supply-chain scans in the same workflow.

Industry News

Industry Security News

Track the latest industry updates across AI agents, Web3 security, and infrastructure ecosystems.

Full-Coverage Protection. Start Free.

Protect live agent actions, approvals, audit trails, and supply-chain scans from one control plane. Personal plan includes a 7-day free trial.

Free
$0
forever

Local-first protection for individual agents

  • 100 protected actions / month
  • Runtime policy + supply-chain detectors
  • Basic audit timeline
  • Community support
  • AI deep analysis
  • Webhook and approval notifications
  • Custom runtime rules
Recommended
Personal
$15
/month
7-day free trial

Runtime guardrails for personal agent work

  • 500 protected actions / month
  • Runtime policy + supply-chain detectors
  • Detailed action and scan reports
  • AI deep analysis
  • Batch supply-chain scanning
  • Priority support
  • Custom runtime rules
Starter
$99
/month

Team protection for shared agent workflows

  • 10,000 protected actions / month
  • Runtime policy + supply-chain detectors
  • Full runtime and supply-chain reports
  • AI deep analysis
  • Webhook and approval notifications
  • Team management (5 seats)
  • Priority support
Pro
$499
/month

Advanced governance for production agents

  • 100,000 protected actions / month
  • Runtime policy + supply-chain detectors
  • Full reports + redacted audit logs
  • AI deep analysis
  • Webhook and approval notifications
  • Unlimited team seats
  • Custom runtime rules
Enterprise
Custom

Custom controls for regulated agent operations

  • Unlimited protected actions
  • Runtime policy + supply-chain detectors
  • Full reports + redacted audit logs
  • AI deep analysis
  • Webhook and approval notifications
  • Unlimited team seats
  • Custom rules + private deployment + SLA

FAQ

1. What is AgentGuard?+

AgentGuard is a security platform for AI agents. It combines runtime protection, code scanning, and continuous monitoring to help teams identify risks and protect high-risk actions before execution.

2. How is AgentGuard different from a prompt filter?+

Prompt filters mainly focus on input or output text. AgentGuard focuses on execution risk: what an agent is about to run, access, or trigger.

3. What can AgentGuard detect?+

AgentGuard provides two layers of security analysis. Runtime Guard focuses on observable high-risk actions during execution. Deep Scan uses 6 detection categories and 24 security rules to perform static risk analysis on agent-related code and components.

4. What is Daily Patrol?+

Daily Patrol continuously checks agent environments for security drift. Today, fully automated Daily Patrol workflows are mainly designed for OpenClaw environments.

5. Does AgentGuard upload my code, prompts, secrets, or file contents?+

In local mode, AgentGuard does not upload full code, prompts, secrets, or file contents. When cloud services are enabled, AgentGuard may upload sanitized action previews and metadata to support review, approval, and audit workflows.

6. Does AgentGuard support MCP?+

AgentGuard supports MCP server scanning and MCP-related integrations. However, it should not be described as fully monitoring or blocking all third-party MCP runtime calls today.

7. Which agent platforms does AgentGuard support?+

AgentGuard supports runtime hooks for Claude Code, OpenClaw, and Hermes. For Codex, Gemini, Cursor, and Copilot, support mainly depends on Skill or command-level integrations and may vary by environment.

Your Agents Deserve a Runtime Control Plane

Connect local OSS guards to Cloud policy, approvals, audit timelines, and supply-chain scanning.