Documentation
A full docs portal at docs.aegis.dev launches
with v1.0 (Mintlify-hosted). Until then, this page is the
curated index — pick an install path, learn six concepts, jump
to the deep references on GitHub.
Four ways to integrate. They all converge on the same gateway. Pick the one that matches your stack and skip the others.
Point your existing OpenAI / Anthropic / Mistral / Gemini SDK at the gateway URL. No code edits.
export OPENAI_BASE_URL=https://gateway.aegis.dev/openai/v1
export AEGIS_API_KEY=aeg_xxx
# upstream OpenAI key forwarded unchanged
# your code stays untouchedOne-file installer. Embeds the gateway + cockpit + Node runtime. Local-only by default.
# macOS Apple Silicon (M1+)
open https://github.com/Justin0504/Aegis/releases/latest/download/AEGIS_0.1.0_aarch64.dmg
# Windows .msi build is unblocked — see /download for the latest.Full stack — gateway + cockpit + Postgres + Redis — on a single host or in your VPC.
git clone https://github.com/Justin0504/Aegis
cd Aegis
docker compose -f docker/compose.yml up -d
# → gateway on :8080, cockpit on :13003In-process auto-instrumentation across 9 agent frameworks. One init() call.
# Python
pip install agentguard
# in your agent entrypoint:
import agentguard; agentguard.init(api_key="aeg_xxx")
# Node / TypeScript
npm install @agentguard/sdk
import { init } from '@agentguard/sdk'; init({ apiKey: process.env.AEGIS_API_KEY });AEGIS has six core ideas. Internalise these and the rest of the documentation is just "more buttons, same shape".
Every call hits the classifier, runs through L1 rules + L2 ML + (optionally) L3 LLM-judge, matches the per-tenant Policy DSL, and ends with one of three decisions: allow, pending (human review), block. See /docs/policy-templates for how the DSL composes, /docs/api for the decision endpoint shape.
Policies are JSON Schema validators that gate the call argument shape (e.g. SQL injection patterns, URL allowlists). DSL rules are the tenant-side overlay — "for THIS agent, ALSO require an approval if the call is HIGH risk during evening hours". Both run on every call; either can deny.
AEGIS registers each agent and mints a signed JWT identity card. The SDK forwards X-AEGIS-Agent-Token; the gateway verifies. Lets policy + audit map every call to a stable agent identity even when an agent is renamed or migrated.
Every decision is appended to a per-tenant RFC 6962 Merkle log. Tree heads are Ed25519-signed. Customers cache signed roots and verify inclusion offline via tools/verify-log/index.mjs. See Security → Cryptographic audit primitives.
Set OTEL_EXPORTER_OTLP_ENDPOINT to a Datadog / Honeycomb / Tempo / Grafana Cloud endpoint and every span ships with the full gen_ai.* attribute set + a gen_ai.guardrail.* extension for decision metadata. Zero-config dashboards on every major OTLP consumer.
1) LLM Egress Proxy — zero code change, just env vars; 2) SDK auto-instrument — one init() call; 3) MCP proxy — change one config field for Claude Desktop / Cursor / MCP hosts; 4) HTTP gateway direct — for custom agents. Mix freely — they all converge on the same gateway.
Each topic has its own page on this site; the GitHub repo link is the one external pointer for source + community.
File a question or a bug on GitHub Discussions — usually answered within a business day. Enterprise customers get a dedicated Slack channel.