npm.io

@solongate/proxy 0.49.0 • Published 23h ago • CLI

Licence: MIT
Version: 0.49.0
Deps: 2
Size: 1.4 MB
Vulns: 0
Weekly downloads: 752

@solongate/proxy

Don't npm i this as a project dependency; it is a CLI, not a library. Run the two commands below to pair your machine:

npx -y @solongate/proxy@latest
npx -y @solongate/proxy@latest login

Security for AI agents. SolonGate enforces a security policy on every action an AI agent takes — every tool call is allowed, blocked, or logged before it runs. No code changes.

AI agent ──(tool call)──> SolonGate guard ──> Tool runs
                               │
                          [policy eval]   ← OPA-WASM, fail-closed
                          [prompt-injection scan]
                          [allow / block / audit]

SolonGate comes in two editions that share the same policy model and dashboard:

  • Cloud — managed, nothing to host. Pair your machine with one command and manage policies + audit logs at dashboard.solongate.com.
  • Local / air-gapped — run the whole stack on your own hardware with Docker, zero outbound connectivity, no API keys.

Quick start (Cloud)

You need: a free SolonGate account, Node.js 18+ on the machine you want to protect, and an AI tool that makes tool calls (Claude Code; Gemini CLI is also supported).

Pair the machine and turn on the guard — no API keys to copy. First fetch SolonGate, then log in:

npx -y @solongate/proxy@latest
npx -y @solongate/proxy@latest login

It opens your browser to authorize the device. Approve it from your signed-in dashboard and SolonGate installs a global guard hook that intercepts every tool call from every AI session on the machine and evaluates it against your active policy.

Start a new terminal session afterwards — hooks load when a session starts, so already-open terminals aren't guarded yet.

Write a policy

Open Policies in the dashboard and create one. A policy is a set of rules; each rule targets a tool plus a constraint (path / command / filename / URL) and is either ALLOW or DENY. Two modes:

  • Denylist — everything is allowed except what you block (e.g. deny any file named *.env, or commands matching *rm -rf*).
  • Whitelist — nothing is allowed except what you permit.

Click Activate to make a policy the one the guard enforces. Rules compile to an OPA-WASM bundle and take effect on the next tool call.

Review the audit log

Every decision shows up under Audit — what was allowed, what was blocked, and which rule matched. When a legitimate action is blocked, open the entry and click Whitelist this: SolonGate adds a narrow ALLOW exception for exactly that action and recompiles. Revoke any exception from Granted exceptions.
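To make the rule semantics in the two sections above concrete, here is an added stand-alone JavaScript evaluator that models the policy as described: a rule is a tool plus a path / command / filename / URL glob with an ALLOW or DENY effect, the mode (denylist or whitelist) decides what happens when no rule matches, a "Whitelist this" exception is a narrow ALLOW checked before the ordinary rules, and any evaluation error is a block (fail-closed). This is not SolonGate's code and not how the guard actually evaluates policies (the real guard runs a compiled OPA-WASM bundle); the rule object shape, the field names, the `Read` and `Bash` tool names, and the sample calls are all assumptions constructed for this example.

```javascript
// Added illustration of the policy model, not SolonGate's own evaluator.
// Rule shape, field names, tool names and sample calls are assumptions.

// Convert a simple glob (only `*` is special) into an anchored RegExp,
// escaping every other regex metacharacter so user patterns stay literal.
function globToRegExp(glob) {
  const escaped = glob.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
  return new RegExp(`^${escaped}$`);
}

// A rule targets one tool ("*" for any) and one constraint field on the call.
function ruleMatches(rule, call) {
  if (rule.tool !== "*" && rule.tool !== call.tool) return false;
  const value = call[rule.field];
  if (typeof value !== "string") return false;
  return globToRegExp(rule.pattern).test(value);
}

// Evaluate one tool call. Returns { decision: "allow" | "block", rule }.
function evaluate(policy, call) {
  // Granted exceptions ("Whitelist this") are narrow ALLOWs checked first,
  // so one specific action can pass even though a broader DENY matches it.
  for (const rule of policy.exceptions || []) {
    if (ruleMatches(rule, call)) return { decision: "allow", rule };
  }
  for (const rule of policy.rules) {
    if (ruleMatches(rule, call)) {
      return { decision: rule.effect === "ALLOW" ? "allow" : "block", rule };
    }
  }
  // No rule matched: the mode supplies the default.
  if (policy.mode === "denylist") return { decision: "allow", rule: null };
  if (policy.mode === "whitelist") return { decision: "block", rule: null };
  throw new Error(`unknown policy mode: ${policy.mode}`);
}

// Fail-closed wrapper: a missing policy, a bad mode or any other evaluation
// error becomes a block, never an allow.
function guard(policy, call) {
  try {
    if (!policy || !Array.isArray(policy.rules)) throw new Error("no active policy");
    return evaluate(policy, call);
  } catch (err) {
    return { decision: "block", rule: null, error: String(err.message || err) };
  }
}

// Constructed sample policy in denylist mode (everything allowed except these).
const denylistPolicy = {
  mode: "denylist",
  rules: [
    { tool: "Read", field: "filename", pattern: "*.env", effect: "DENY" },
    { tool: "Bash", field: "command", pattern: "*rm -rf*", effect: "DENY" },
  ],
  exceptions: [
    // What a "Whitelist this" click on one blocked audit entry would add.
    { tool: "Bash", field: "command", pattern: "rm -rf ./build", effect: "ALLOW" },
  ],
};

// Constructed sample policy in whitelist mode (nothing allowed except these).
const whitelistPolicy = {
  mode: "whitelist",
  rules: [{ tool: "Read", field: "filename", pattern: "src/*", effect: "ALLOW" }],
  exceptions: [],
};

// Constructed sample tool calls.
const sampleCalls = [
  { tool: "Read", filename: ".env" },
  { tool: "Read", filename: "README.md" },
  { tool: "Bash", command: "rm -rf /" },
  { tool: "Bash", command: "rm -rf ./build" },
];

// Produce one audit-style line per call: decision, tool, target, matched rule.
function auditLines(policy, calls) {
  return calls.map((call) => {
    const r = guard(policy, call);
    const target = call.filename ?? call.command ?? call.path ?? call.url ?? "";
    const why = r.error ? `error: ${r.error}`
      : r.rule ? `${r.rule.effect} ${r.rule.pattern}` : "no rule (mode default)";
    return `${r.decision.toUpperCase()} ${call.tool} ${target} [${why}]`;
  });
}

for (const line of auditLines(denylistPolicy, sampleCalls)) console.log(line);
```

Two points the code makes that the prose leaves implicit: an exception has to be narrower than the DENY it carves out of (here an exact command rather than another wildcard), and in denylist mode a call that lacks the constrained field entirely matches no rule and is allowed by default, which is one reason to prefer whitelist mode for anything that touches a shell.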

Uninstall

npx @solongate/proxy init --global --restore

Why SolonGate?

AI agents get direct access to your system — shell, file system, databases, network. A single prompt-injection attack can turn your assistant into an attacker. SolonGate sits between the agent and the action, enforcing your policy on every tool call before it runs, and recording every decision for audit.

License

MIT
