Runtime Security
for AI Agents — Before Action

AgentGuard enforces policy before risky tool calls, routes sensitive actions through approvals, records audit timelines, and scans agent supply-chain packages before they run.

$curl -fsSL https://agentguard.gopluslabs.io/install.sh | bash

Installs the OSS CLI and connects local-first runtime protection · View on GitHub

AgentGuard Scanner
deploy-helper/SKILL.md
Initializing...0%
BLOCKED3 threats detected
28
Safety Score
CRITICALcurl-pipe-bashLine 42
HIGHenv-var-exfiltrationLine 8
MEDIUMexcessive-permissionsLine 3
Scanned in 127ms6 detectorsCWE-78, CWE-200
10,000+
Actions Evaluated
500+
Threats Blocked
6
Policy Rules
<50ms
Avg Decision Time
Runtime Threat Landscape

AI Agents Need a Guardrail Before Every Risky Action

Agents can run shell commands, read secrets, call tools, and deploy changes faster than teams can review them. Static scanning helps, but runtime control is where policy becomes enforcement.

~900
Unreviewed Tool Calls

Shell commands, MCP tools, and browser actions can create production impact in seconds

283
Secret Access

Agents frequently touch .env files, cloud credentials, private keys, and deployment tokens

135K+
Missing Audit Trails

Teams need to know which agent attempted what, from which session, and why it was allowed

3
Supply-Chain Risk

Skills, plugins, and MCP servers still need scanning before they enter the runtime

6 Security Detectors. One Scan.

Every scan runs all detectors in parallel. No configuration needed.

HIGH

Credential Leak Detection

160+ patterns for API keys, tokens, private keys, database connection strings, and embedded secrets across all major providers.

CRITICAL

Prompt Injection Detection

75+ injection patterns including base64-encoded payloads, zero-width character obfuscation, role hijacking, and system prompt extraction.

CRITICAL

Malicious Command Detection

112+ patterns for remote code execution, reverse shells, encoded payloads, pastebin piping, and supply chain compromise techniques.

HIGH

Data Exfiltration Detection

Detects sensitive path access, HTTP/DNS tunneling, credential harvesting, clipboard scraping, and covert data transfer channels.

MEDIUM

Permission Abuse Analysis

Compares declared vs. needed tool permissions, detects dangerous combinations, privilege escalation, and calculates risk scores.

HIGH

URL Analysis

Malicious domain detection, suspicious TLD analysis, phishing pattern matching, URL shortener tracking, and homograph attack detection.

Three Steps to Secure Your Agents

Step 1

Connect

Install the OSS guard and connect it to AgentGuard Cloud with an API key.

Step 2

Enforce

Evaluate risky actions against custom policy before shell, file, deploy, or tool execution.

Step 3

Audit

Review approvals and session timelines while keeping supply-chain scans in the same workflow.

Industry News

Industry Security News

Track the latest industry updates across AI agents, Web3 security, and infrastructure ecosystems.

Full-Coverage Protection. Start Free.

Protect live agent actions, approvals, audit trails, and supply-chain scans from one control plane. Personal plan includes a 7-day free trial.

Free

$0forever

Local-first protection for individual agents

100 protected actions / month
Runtime policy + supply-chain detectors
Basic audit timeline
Community support
API access (1 key)
AI deep analysis
Webhook and approval notifications
Custom runtime rules
Recommended

Personal

$15/month

7-day free trial

Runtime guardrails for personal agent work

500 protected actions / month
Runtime policy + supply-chain detectors
Detailed action and scan reports
AI deep analysis
API access (2 keys)
Batch supply-chain scanning
Priority support
Custom runtime rules

Starter

$99/month

Team protection for shared agent workflows

10,000 protected actions / month
Runtime policy + supply-chain detectors
Full runtime and supply-chain reports
AI deep analysis
API access (10 keys)
Webhook and approval notifications
Team management (5 seats)
Priority support

Pro

$499/month

Advanced governance for production agents

100,000 protected actions / month
Runtime policy + supply-chain detectors
Full reports + redacted audit logs
AI deep analysis
API access (50 keys)
Webhook and approval notifications
Unlimited team seats
Custom runtime rules

Enterprise

Custom

Custom controls for regulated agent operations

Unlimited protected actions
Runtime policy + supply-chain detectors
Full reports + redacted audit logs
AI deep analysis
Unlimited API keys
Webhook and approval notifications
Unlimited team seats
Custom rules + private deployment + SLA

Your Agents Deserve a
Runtime Control Plane

Connect local OSS guards to Cloud policy, approvals, audit timelines, and supply-chain scanning.

Read the Docs