AI agent security & MCP security middleware — prompt injection detection, AI firewall, runtime guardrails & data-loss prevention for LLM tool calls. 8-layer defense against data exfiltration & dangerous commands. Zero dependencies. SDK + OpenClaw plugin.
Salus — AI-powered AppSec CLI. Code review, vulnerability analysis, defensive hardening, and AI/LLM auditing. BYOK (Bring Your Own Key) mode.
Deny-first Pi guardrails that keep LLM shell and file access safe, transparent, and user-approved.
Inline PII, credential, and regulated-data classifier for AI agent I/O. Dual-layer: deterministic regex + optional semantic Guard. Library + CLI.
Static security scanner for AI CLI and MCP configurations — detects credential leaks, prompt injection, jailbreaks, and supply chain risks
Safety firewall SDK for humans and AI agents — scan untrusted text for scams/phishing and prompt-injection before you (or your agent) trust it.
Runtime security for AI agent tool execution. Detects, correlates, and interrupts guarded Lethal Trifecta attack paths.
LangChain integration for SafePrompt: prompt-injection detection as a callback handler. Validates every prompt flowing through a chain before it reaches the LLM.
Safety tests for AI apps and agents. Catch prompt injection, privacy leaks, unsafe advice, and unauthorized tool actions before production.
AI red-teaming for the AI agents & LLM apps you own: stress-test them with adversarial models to find security failures (prompt injection, tool misuse / excessive agency, data leakage, jailbreaks, denial-of-wallet), auto-patch (blue team), retest, and get
Govern AI coding agents (Claude Code, Cursor, Codex, GitHub Copilot CLI) from a hook. It blocks dangerous tool calls locally and offline (destructive commands, secret exfiltration, prompt-injected tool results), then optionally reports the session to Axio
Tiered prompt-injection validation layer. Zero-dep sub-ms Tier 0 core (Node + edge identical), optional local ML + remote guard tiers.
MCP security scanner — 55 tools for runtime inspection, static analysis, config audit, dependency analysis. OWASP MCP Top 10 compliance. OAuth, TLS, fuzz testing, prompt injection, tool mutation detection. 100% local, zero external API calls.
CLI and GitHub Action that detects unsafe AI coding-agent usage in CI/CD workflows.
Deterministic prompt-injection / poison / tool-poisoning firewall for LLM agents — multilingual, evasion-resistant, zero black-box ML in the hot path. OWASP LLM01 / MITRE ATLAS.
AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 51 skills, 11 catalogs (499 CVEs / 189 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate,