AEGIS
Sign in Start free

Live demo · ~ 90 seconds end-to-end

From git clone to first blocked tool call.

Watch AEGIS scan a real payments-agent repo, extract the workflow, install a Payments policy pack, and block a $47,000 transfer that carries a credit card number — all on this page.

Start the walkthrough ↓ Skip — try it on my code
01

Point AEGIS at your repo.

One CLI command. Tree-sitter parses every Python / JS / TS file and finds every LLM call, every @tool, every MCP config — even the ones imported dynamically.

~/acme-payments 
$ agentguard scan .

Scanned 8,402 source files under ~/acme-payments
Repo: acme-payments@4.7.2  ·  Branch: main

CANDIDATES:
  KIND   CONF    FRAMEWORK    ENTRY  PATH
  import high    anthropic    yes    src/agents/billing.py
  import high    langgraph    WF     src/orchestrator/router.py
  import high    crewai       WF     src/crews/refunds.py
  http   medium  openai-http         svc/legacy_proxy.py

WORKFLOW GRAPH (langgraph)
  nodes:        14 (1 entry · 11 agent · 1 router · 1 terminal)
  edges:        19 (16 control · 3 handoff)
  tools:        22 — stripe_charge, send_email, db_query, refund_card, …
  risk_signals: 3 sensitive-relays
                  db_query → send_email
                  stripe_charge → http_post
                  refund_card → file_write

✓ ready to instrument — run `agentguard inject` next
02

AEGIS reads your workflow graph.

The scanner doesn't just count files — it builds the actual control + handoff graph that your LangGraph / CrewAI / AutoGen orchestrator runs. That's what every policy gets attached to.

entry router classify_intent → 3 handoffs billing-agent stripe_charge · refund_card support-agent send_email · db_query refund-agent refund_card · db_query · file_write RISK SIGNAL 3 sensitive relays
22 tools across 3 agents. 3 risk signals AEGIS will watch automatically.
03

Write a policy in plain English.

No DSL. No JSON Schema. Type what you want — AEGIS generates a policy bundle that passes the AJV self-test before it's saved.

Operator types

"Refunds over $5,000 should always go to a human. Block any tool call that includes a raw credit card number. And if the counterparty country is on the OFAC list, block immediately and page on-call."

AEGIS emits

  "id": "refund-high-value-pending",
  "risk_level": "HIGH",
  "decision": "pending",
  "applies_to": ["refund_card"],
  "when": { "amount": { ">": 5000 } }
,

  "id": "pci-no-pan-in-args",
  "risk_level": "CRITICAL",
  "decision": "block",
  "applies_to": ["*"],
  "match": { "pattern": "\\b([0-9][ -]?)19\\b" }
,

  "id": "ofac-sanctions-block",
  "risk_level": "CRITICAL",
  "decision": "block",
  "applies_to": ["stripe_charge", "http_post"],
  "match": { "country": ["CU", "IR", "KP", "SY"] },
  "on_block": { "page": "oncall-secops" }
04

Or — install a vertical pack in one click.

Curated bundles for regulated industries. Each pack ships with 5 named policies a compliance lead can defend in an audit.

Payments & Fintech

PCI-DSS 3.4SOC 2Reg E

PCI-DSS aware. PAN/CVV redaction, high-value review, OFAC screening.

  • PCI · Block PAN storage
  • PCI · Block CVV/CVC in arguments
  • High-value transfer — human approval
  • AML · Sanctions screening
  • Refunds require audit reason

Healthcare & Life Sciences

HIPAA 164.312HITECHGDPR Art. 9

HIPAA-aware. PHI redaction, minimum-necessary, treatment-change approval.

  • HIPAA · Block PHI in tool arguments
  • HIPAA · Minimum-necessary access
  • HIPAA · TLS-only outbound
  • HIPAA · Block uncontrolled PHI exports
  • HIPAA · Treatment changes require approval

Banking & Capital Markets

BSA/AMLKYCSOX 404OFAC SDN

BSA / AML / SOX. KYC enforcement, cross-border review, sanctions block.

  • KYC · Verified counterparty required
  • SOX · Material change requires justification
  • Cross-border wire — PENDING review
  • BSA · CTR threshold flagged
  • OFAC · Sanctions list block

B2B SaaS & Privacy

GDPR Art. 17CCPASOC 2 CC6.6

GDPR + CCPA + multi-tenant isolation. Erasure, scope, prod-write guards.

  • GDPR · Right-to-erasure is human-only
  • Multi-tenant isolation
  • No prod DB writes from agent
  • PII bulk export flagged
  • OAuth scope creep block
05

Then watch it work.

The billing agent tries to charge a card. The card number leaks into the tool argument. AEGIS blocks it in under 5 ms and writes the decision into the audit log.

live cockpit.aegis.dev / acme · decisions last 24h · 14,829 calls
  • 12:47:09 support-bot send_email to: alice@acme.dev allow email-allowlist
  • 12:47:02 orchestrator db_query DROP TABLE users block sql-injection
  • 12:46:58 crew-research http_post https://3rwk.unknown-host pending anomaly · 0.83
  • 12:46:41 support-bot search_kb "refund policy 30d" allow
  • 12:46:30 coding-asst file_write /etc/passwd block file-access
  • 12:46:11 finance-bot transfer amount: $47,200 pending high-value-tx

The bottom row, orchestrator → db_query · DROP TABLE users, fires the sql-injection default policy. The pending finance-bot → transfer · amount: $47,200 fires the Payments pack's high-value-transfer-review. Both pages your on-call via the configured destination.

Run this on your own repo.

Free tier: scan, install one pack, watch 1,000 tool calls a day. No card.

Start free Download desktop