OnGarde – Runtime content security proxy for self-hosted AI agents
Transparent proxy blocks agent leaks to LLM APIs without touching agent code.
Roles, segregation of duties, and tamper-evident audit for the AI agents you already run. Open-source, self-hosted.
Transparent proxy blocks agent leaks to LLM APIs without touching agent code.
Scans for unguarded Stripe refunds and DB deletes before your agent loops.
19-pattern MCP tool security scanner filling a real gap in agent ecosystem governance.
Session types make dangerous actions code-unreachable, not just policy-blocked.
Fuchsia-inspired capability model for agent benchmarks solves reproducibility existing tools ignore.
Every tool call is caught by middleware, scored against built-in rulesets like destructive-commands, secrets/* and exfiltration/* in under 5ms, then enforced as block/confirm/allow via a clawsec.yaml — neat, pragmatic attack surface reduction. The demo and auto-generated config make onboarding trivial, but it currently reads as an OpenClaw-first solution; broader agent-framework integrations or stronger isolation guarantees would make this a must-install.