Available now - Public beta

7 layers between your AI agents and disaster.

Security decisions made by rules, not predictions. Runs locally. No LLM in the security path. Your data stays in your infrastructure.

1,560+ detection patterns · 7 defense layers · 0 LLMs in the security path

The threat landscape

Real CVEs, active exploit patterns, and evidence from production systems.

The threat landscape is real

These CVEs are active in tools used by millions of developers. Each one was observed in real-world environments.

CVE-2026-25253

OpenClaw token exfiltration

Token exfiltration via malicious gatewayUrl override

CVE-2025-6514 CVSS 9.6

mcp-remote command injection

OS command injection when connecting to untrusted servers

CVE-2025-68143

mcp-server-git path traversal

Path traversal via attacker-controlled paths to Git operations

CVE-2025-68144

mcp-server-git argument injection

Argument injection when tool inputs become part of a Git command line

How we're different

Not another proxy and not just an output filter. GuardClaw enforces layered controls before high-impact actions run.

GuardClaw enforces deterministic controls before the model executes side effects. That design keeps trust boundaries explicit and incident response faster.

7 layers. Defense in depth.

Each layer operates independently. An attacker must defeat all seven to compromise an agent.

1 Threat Intelligence

CVE and IOC pattern matching, crowd-sourced live threat feeds, and configurable blocklists. Users report new attack vectors; approved patterns protect everyone in real time.

2 Input Validation

Prompt injection detection for tool-call inputs, plus an extensible validation library covering PII redaction, URL/SSRF, path traversal, and command injection. 1,560+ compiled patterns across 11 attack categories.

3 Policy Enforcement

Deny-by-default YAML policies. Allow, deny, or require approval based on tool, action, resource, actor, provider, and untrusted-source context.

4 Capability Tokens

Short-lived, cryptographically signed tokens for every approved action. Single-use, time-bound, scope-limited. HMAC-SHA256 signed and bound to the request digest, so a token approves one specific request and nothing else.

5 Sandboxed Execution

Shell wrapper deny-by-default rules, filesystem sandboxing, and HTTP allowlists with SSRF and DNS-rebinding protections.

6 Human-in-the-Loop

High-risk operations pause for human approval. Approvals are bound to request digests to prevent TOCTOU attacks. Optional webhooks for notifications.

7 Receipt Chain

Cryptographically linked audit trail. Every decision recorded with SHA-256 hash chains. Tamper-evident. Built for compliance and forensics.
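The mechanisms behind layers 4, 6 and 7 above, as an added illustration that is not GuardClaw's own code: an approval is issued as a single-use, time-bound HMAC-SHA256 token bound to the SHA-256 digest of the request, redemption re-derives the digest from what is actually about to run (so a request altered after approval is refused), and every decision is appended to a hash-chained receipt log whose integrity can be re-verified. The key, TTL, request fields and receipt fields are constructed for the example.

```python
# Added example (not GuardClaw code). Key, TTL and request shape are constructed.
import hashlib, hmac, json, secrets

KEY = b"constructed-demo-key"   # constructed; a real deployment loads this from a secret store
TTL = 30                         # seconds a token stays valid (assumed value)

def canon(obj):
    """Canonical JSON so the same request always hashes to the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def request_digest(tool, action, resource):
    return hashlib.sha256(canon({"tool": tool, "action": action, "resource": resource})).hexdigest()

def issue_token(digest, now):
    """Approval is recorded as a single-use, time-bound, HMAC-SHA256 signed token."""
    body = {"nonce": secrets.token_hex(8), "digest": digest, "exp": now + TTL}
    return {**body, "sig": hmac.new(KEY, canon(body), hashlib.sha256).hexdigest()}

def redeem(token, tool, action, resource, now, used):
    """Check the token at execution time against what is actually about to run."""
    body = {k: v for k, v in token.items() if k != "sig"}
    if not hmac.compare_digest(hmac.new(KEY, canon(body), hashlib.sha256).hexdigest(), token.get("sig", "")):
        return "deny:bad-signature"
    if now > body["exp"]:
        return "deny:expired"
    if body["digest"] != request_digest(tool, action, resource):
        return "deny:digest-mismatch"      # request changed after approval (TOCTOU)
    if body["nonce"] in used:
        return "deny:replay"
    used.add(body["nonce"])
    return "allow"

def append_receipt(chain, entry):
    """Each receipt hashes the previous receipt's hash, forming a tamper-evident chain."""
    prev = chain[-1]["hash"] if chain else "0" * 64
    rec = {"prev": prev, **entry}
    rec["hash"] = hashlib.sha256(canon(rec)).hexdigest()
    chain.append(rec)

def verify_chain(chain):
    """True only if every link recomputes and points at its predecessor."""
    prev = "0" * 64
    for rec in chain:
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec["prev"] != prev or hashlib.sha256(canon(body)).hexdigest() != rec["hash"]:
            return False
        prev = rec["hash"]
    return True
```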

Try to break it

Launch simulated attacks and watch GuardClaw's seven layers respond in real time.


Start in 3 steps

1 Install
brew install guardclaw/tap/guardclaw
2 Initialize
guardclaw init
3 Protect
guardclaw wrap -- your-agent-command

Works with your stack

Claude MCP

MCP stdio server

Cursor

Shell wrapper

OpenClaw

Guard agent plugin

Docker

Sidecar container

Kubernetes

DaemonSet / sidecar

Cloud Run

Container deployment

Free during public beta

All 7 layers. All 1,560+ patterns. Paid tiers coming after beta.

Available now

Free

during public beta

Everything you need to start securing your AI agents today.

  • All 7 defense layers
  • 1,560+ detection patterns
  • Local-first CLI
  • Policy templates
  • 1 workspace
  • 2 environments
  • 2 agents per environment
  • 1,000 receipts / month
  • 7-day data access
Coming soon

Pro

$49 / month

For teams running multiple agents in production.

  • 5 workspaces, 5 environments, 5 agents
  • 100,000 receipts / month
  • 90-day data access
  • Policy packs and receipt export
  • Slack and email alerts
  • Priority support
Available after beta
Coming soon

Ultimate

$99 / month

Full control for organizations with compliance needs.

  • 10 workspaces, 10 environments, 10 agents
  • 500,000 receipts / month
  • 365-day data access
  • Approval workflows and webhooks
  • SSO / SAML
  • Audit API and custom policies
Available after beta

Need enterprise features now? Let's talk.

Free during public beta. No catches.

All 7 defense layers, 1,560+ patterns, and 0 LLMs in the security path. Install in 3 minutes. No credit card. No restrictions.