Govern what AI agents can do
and what they can’t.

Runtime policy enforcement for Claude Desktop, Claude Code, VS Code, OpenClaw, and more.

01 Process · file · network

Block agents at the action.

Stop AI agents from running scripts, touching files, or opening network connections outside policy — before the action takes effect, not after the fact. On Linux, macOS, and Windows.

  • Process: exec allow / deny
  • File: read · write · delete
  • Network: outbound connections

02 Fail-loud by design

No silent passthrough.

If the policy daemon goes down, default builds log every action that slips through; compliance builds fail-CLOSED. Built for endpoint security, not LLM output filtering: the controls live in the kernel and at the syscall — BPF_LSM, EndpointSecurity, native drivers — not in the prompt.

03 Strict · Bumpers · Observe

Pick your posture.

Three policy archetypes covering the spectrum from full lockdown to observe-only audit. Switch as your trust in agent behavior grows.

  • Strict: default-deny + allowlist
  • Bumpers: default-allow + denylist
  • Observe: log-only audit