Your AI Agents Are Running Blind. We See Everything.

ARCHITECTURE

5-Layer Defense-in-Depth

Every agent request passes through five independent security layers. An attacker must defeat all five to succeed.

Input Scanning

Detect prompt injections before they reach the agent

▾

13 injection pattern signatures
Shannon entropy analysis
Homoglyph detection
Base64/hex payload scanning
Recursive prompt unwrapping
Context window overflow detection

Identity & Authorization

Verify who the agent is and what it can do

▾

Role-based access control (RBAC)
AWS Cognito integration
Azure Entra ID (AAD)
Custom JWT validation
Agent identity attestation
Session-scoped permissions

Policy Engine

Deterministic rules that cannot be bypassed by AI

▾

Deterministic policy evaluation
Cedar policy language support
Resource-level permissions
Time-based access windows
Rate limiting per agent/tool
Cost budget enforcement

Output Validation

Catch sensitive data before it leaves your system

▾

10 PII pattern detectors
Credit card / SSN scanning
API key & secret detection
Custom regex patterns
Content toxicity filtering
Data classification tagging

Observability & Audit

Complete audit trail for compliance and forensics

▾

Full request/response logging
Structured JSON audit events
SIEM integration (Splunk, Datadog)
Real-time alerting
Compliance report generation
Forensic replay capability

WHAT NOBODY ELSE HAS

Innovations That Change the Game

Five capabilities you won't find in any other agent security tool.

🌀

Overthinking Loop Detection

Catches 142x token amplification attacks where adversarial prompts cause agents to spiral, burning your budget.

Monitors token consumption in real-time. When an agent's output exceeds the expected response length by a configurable multiplier (default: 5x), AgentShield interrupts execution, logs the anomaly, and returns a safe fallback response. Prevents runaway costs from recursive reasoning attacks.

🛡

MCP Server Trust Registry

Security scores for every MCP server your agents connect to. Know what you're trusting before you trust it.

Maintains a continuously updated registry of MCP servers with security scores based on: code audit status, maintainer reputation, dependency chain analysis, known vulnerabilities, and behavioral monitoring. Blocks connections to servers below your trust threshold.

🔗

Cross-Agent Threat Correlation

Connects attack chains across multiple agents. See the full kill chain, not just isolated alerts.

When an attacker probes agent-A to discover information, then uses that to exploit agent-B, AgentShield correlates these events using session tracking and behavioral fingerprinting. Produces unified incident reports showing the complete attack narrative.

⚙

Self-Healing Security

Auto-isolate compromised agents. Auto-rotate credentials. Auto-revoke sessions. Zero human intervention.

When a breach is detected, AgentShield executes a configurable response playbook: isolate the agent from all tools, rotate affected API keys, revoke active sessions, alert the team via Slack/PagerDuty, and generate a forensic report. Median response time: under 30 seconds.

🔍

Supply Chain Verification

Like npm audit, but for MCP servers. Know every dependency your agents rely on and its security posture.

Scans the full dependency tree of every MCP server: npm packages, Docker base images, API endpoints called, and data flows. Generates a Software Bill of Materials (SBOM) for your agent ecosystem. Alerts on newly discovered CVEs in any component.

INTEGRATIONS

Plugs Into Your Existing Stack

Native integrations with the platforms your enterprise already uses.

Cloud & Identity

☁ AWS Bedrock 🔐 AWS Cognito 🌳 AWS Cedar ☁ Azure Entra ID 🛡 Azure Content Safety ☁ GCP IAM 🤖 GCP Vertex AI

SIEM & Observability

📊 Splunk 🐶 Datadog 🔎 Elastic 🛡 Microsoft Sentinel 📜 Chronicle SIEM

Escalation & Alerting

💬 Slack 👥 Microsoft Teams 🚨 PagerDuty ✉ Email (SMTP) 📱 Webhooks

REAL-WORLD IMPACT

Before vs. After AgentShield

The measurable difference between unprotected agents and shielded ones.

Metric	Without AgentShield	With AgentShield
Prompt injection detection	0% (unmonitored)	94% (60 patterns)
Time to detect data leak	Days / never	<1 second
Credential rotation after breach	Manual, hours	Automatic, <30s
Compliance audit trail	Spreadsheets	Complete, queryable
Agent trust verification	None	Continuous scoring
Token cost anomaly detection	Monthly bill shock	Real-time alerts
MCP server supply chain audit	Not possible	Automated SBOM

SECURITY & TRUST

Verify, Don't Trust

Six guarantees we make about how AgentShield handles your data.

🏠 Runs Locally

AgentShield runs entirely on your machine. No cloud calls, no proxy servers, no data leaves your network.

Verify: check network tab — zero outbound requests

🔓 Open Source

Every line of code is on GitHub. Audit it yourself, fork it, contribute to it.

Verify: github.com/autoailabs/agentshield

🚫 Zero Telemetry

No analytics, no tracking, no usage reporting. We have no idea how you use it, and that's by design.

Verify: grep -r "telemetry\|analytics\|tracking" src/

🔑 No Credentials Needed

AgentShield never asks for your API keys or cloud credentials. It operates alongside your agents, not inside them.

Verify: no env vars required to run

📝 Built-in Audit

Every decision (allow/deny) is logged with full context: timestamp, agent, tool, layer results, trace ID.

Verify: cat ~/.agentshield/audit.log

🔒 Your Data, Your Control

All configuration, policies, and logs stay on your filesystem. Export, delete, or move them anytime.

Verify: ls ~/.agentshield/ — all data is here

GET STARTED

Three Steps. Three Minutes.

From zero to fully protected agents in under three minutes.

Install

One command. No dependencies. No configuration files.

# Install globally or use npx npx autoai-agentshield

Add to Your MCP Config

Add AgentShield as an MCP server in your agent's configuration.

{ "mcpServers": { "agentshield": { "command": "npx", "args": ["autoai-agentshield"] } } }

Done

AgentShield is now protecting your agents. Every tool call passes through 5 defense layers automatically.

✓ AgentShield active ✓ 5 defense layers enabled ✓ 60 threat patterns loaded ✓ Audit logging started ✓ Your agents are protected

PRICING

Start Free. Scale When Ready.

No credit card required. Start free, unlock advanced detection and team features as you grow.

Free

£0

For individual developers

20 threat patterns (of 60+)
Basic prompt injection detection
CLI scanning
Single agent monitoring
Advanced patterns (encoding, invisible chars)
Policy engine
Team dashboard

Get Started Free

Pro

£20/mo

For teams shipping AI products

All 60+ threat patterns
Advanced detection (encoding, unicode, delimiter)
Custom policy engine
Up to 25 agents
Slack/webhook alerts
Audit log export
Priority support

Start Pro Trial

Enterprise

£40/mo

For organisations at scale

Everything in Pro
Unlimited agents
SIEM integration (Splunk, Datadog)
Custom threat patterns
Team dashboard & RBAC
SOC 2 compliance reports
Dedicated support

Contact Sales

Custom

For regulated industries

Everything in Enterprise
On-premise deployment
Custom SLA
White-glove onboarding

Talk to Us

Your AI Agents Are Running Blind.
We See Everything.

See AgentShield in Action

How AgentShield Protects Your Agents

5-Layer Defense-in-Depth

Innovations That Change the Game

Overthinking Loop Detection

MCP Server Trust Registry

Cross-Agent Threat Correlation

Self-Healing Security

Supply Chain Verification

Plugs Into Your Existing Stack

Before vs. After AgentShield

Verify, Don't Trust

🏠 Runs Locally

🔓 Open Source

🚫 Zero Telemetry

🔑 No Credentials Needed

📝 Built-in Audit

🔒 Your Data, Your Control

Three Steps. Three Minutes.

Install

Add to Your MCP Config

Done

AgentShield at a Glance

Try AgentShield Right Now

Start Free. Scale When Ready.

Never let an AI agent run
unprotected again.

Your AI Agents Are Running Blind.We See Everything.

See AgentShield in Action

How AgentShield Protects Your Agents

5-Layer Defense-in-Depth

Innovations That Change the Game

Overthinking Loop Detection

MCP Server Trust Registry

Cross-Agent Threat Correlation

Self-Healing Security

Supply Chain Verification

Plugs Into Your Existing Stack

Before vs. After AgentShield

Verify, Don't Trust

🏠 Runs Locally

🔓 Open Source

🚫 Zero Telemetry

🔑 No Credentials Needed

📝 Built-in Audit

🔒 Your Data, Your Control

Three Steps. Three Minutes.

Install

Add to Your MCP Config

Done

AgentShield at a Glance

Try AgentShield Right Now

Start Free. Scale When Ready.

Never let an AI agent rununprotected again.

Your AI Agents Are Running Blind.
We See Everything.

Never let an AI agent run
unprotected again.