Runtime policy enforcement for Claude Desktop, Claude Code, VS Code, OpenClaw, and more.
Naevik runs below the AI agent. Every action the agent takes is checked against your policy in the kernel, before it can take effect.
Claude Code tries to run a command, open a file, or reach out over the network.
Before the syscall completes, a kernel hook — BPF_LSM, EndpointSecurity, or a Windows driver — evaluates the action against your rules.
The action runs, is blocked before it takes effect, or is recorded for audit, exactly as your policy says, and nothing is logged that you didn’t ask for.
One local policy governs all your AI agents — and every process each one spawns — across what they run, the files they touch, and where they connect.
These rules cover the AI agent and every process it spawns — child, grandchild, all the way down. Shell out to python3 or bash, and that process is held to the same file and network rules. No escaping the policy by launching a subprocess.
Author a local policy on your own machine — no server, no account, nothing leaves the device.
Claude Code reads and writes your repo, but /Users/alex/.ssh and /Users/alex/.aws stay off-limits — and it can’t write anywhere else on disk.
The AI agent reaches only your test server and the API it needs — the rest of your LAN is blocked, and everything else is logged so you can see where it tried to go.
Add a log rule and review later exactly what a freshly installed skill or MCP plugin reached for behind your back.
Buy Naevik Personal for your own Macs. Naevik Team — centrally managed for fleets — is on the way.
On-device policy — no server, no cloud. 2 years of updates; works on macOS today — Windows coming soon.
🐦 Early bird: $30 off the first 200 — one device just $39.
Centrally managed policy and audit for a whole fleet, on a server you own.
Native on each OS.