Security for agents that act, not just chat.
GuardClaw is runtime security for teams building tool-using agents. Deny-by-default policy, seven independent layers, and a tamper-evident receipt for every decision, running locally on your hardware.
01 / Where GuardClaw sits
Other tools watch the code or the model. We watch the agent act.
AI security has three layers. Most tools live in the first two. GuardClaw owns the third: the runtime, where an agent actually invokes tools, reads files, and calls out.
Code & dependency scanning
Catches vulnerabilities in your source before it runs. Necessary, but blind once the agent is live.
Model input / output filtering
Checks prompts in and responses out. Helpful at the model's edge, but the plan still has to execute.
Runtime agent security
Every shell command, file read, and API call the agent makes is checked against policy, in the fast path.
02 / Try it
Send an attack. Watch it get denied.
Pick a hostile action an agent might attempt. GuardClaw runs it through all seven layers and stops it at the first that catches, then writes a signed receipt.
03 / Defense in depth
Seven layers. Each assumes the others can fail.
One filter at 95% misses 5 in 100. Seven independent layers, each catching what the others miss, miss fewer than 1 in 10 million.
Threat Intelligence
Known-threat detection from compiled patterns and live feeds. A vector one team reports protects everyone.
Input Validation
Catches prompt injection, data leakage, and malicious payloads before they reach your agent.
Policy Enforcement
Deny-by-default. Every action is checked against explicit rules: allow, deny, or escalate.
Capability Tokens
Short-lived, signed, single-use tokens scoped to one approved action. Replays fail automatically.
Sandboxed Execution
Actions run inside isolated boundaries. Agents reach only what they are explicitly allowed to.
Human-in-the-Loop
High-risk operations pause for approval, cryptographically bound to the exact request.
Receipt Chain
A tamper-evident, cryptographically linked audit trail. Every decision, reconstructable.
04 / What defines it
Three decisions, made on purpose.
Local-first
The detection engine runs on your hardware. Your code and your agent's actions never leave the machine to be judged in someone else's cloud.
Deterministic
Compiled pattern matching and rule-based policy, not probabilistic scoring. "Will this be blocked?" has one answer: always, or never. Auditable and reproducible.
Defense in depth
Seven independent layers, each built assuming the others can be bypassed. Compound coverage is the only thing that holds against creative attackers.
05 / Drops into your stack
Works with the agents you already run.
06 / FAQ
Questions, answered.
What exactly does GuardClaw secure?+
The runtime. After the model produces a plan, GuardClaw checks each concrete action the agent takes (shell commands, file reads, network calls, tool invocations) against deny-by-default policy, before any side effect happens.
How is it different from a code scanner or an LLM guardrail?+
Scanners check code at rest (layer 1). Guardrails filter what goes into and out of the model (layer 2). GuardClaw operates at layer 3: it watches what the agent does while running. Different layer, different problem: it complements the others rather than replacing them.
Does my code or data leave my machine?+
No. GuardClaw is local-first: the detection engine runs on your hardware and security decisions happen locally, with no network round-trip. Free plans sync patterns weekly; Pro adds a live feed.
Is detection AI-based?+
No. GuardClaw uses deterministic, compiled pattern matching (Bloom filters, Aho-Corasick, RE2) and rule-based policy. The same input always produces the same decision, so controls are auditable and reproducible.
What are capability tokens and receipts?+
Every approved action gets a short-lived, signed, single-use token scoped to just that action; replays fail. Every decision is written into a cryptographically linked receipt chain, a tamper-evident record built for compliance and fast incident review.
Will it slow my agents down?+
Checks run in the fast path, locally, typically in well under a millisecond. Security that adds heavy latency gets disabled under pressure, so low-latency enforcement was a design requirement, not an afterthought.
Does it guarantee 100% detection?+
No tool does. GuardClaw publishes its rates (97%+ on the built-in corpus) and layers seven independent controls so a miss at one is caught by another. You keep your security team and threat model; GuardClaw is infrastructure, not a replacement.
07 / Talk to us
Securing agents in production? Let's talk.
Questions
Integration, threat model, or deployment questions? We answer fast.
hello@takeinterest.ai ↗Press & research
Writing about agent security or runtime guardrails? We're glad to talk.
press@takeinterest.ai ↗Build with us
Want guardrails tailored to your stack? Tell us what you're running.
Book a call ↗Give your agents guardrails.
Deterministic, local, and layered from the first commit. Start free, sync patterns weekly, upgrade when you need the live feed.