agentguard

Zustandsbasierter Runtime Security & Governance Layer für AI Agents.

Port 12001 | Part of ToolOracle Infrastructure

AgentGuard is a policy-driven Runtime Enforcement System for AI agents. It controls agent behavior before, during, and after tool execution — with persistent state management, automatic escalation, and cryptographically auditable decisions.

| Tool | Purpose | |------|---------| | policy_preflight | Check all policies before a tool call. State-aware: escalated agents get forced approval | | tool_risk_score | 0-100 risk score (base + payload analysis + KYA trust adjustment) | | approval_required | Human-in-the-loop gate with persistent approval records | | decision_explain | Explain allow/deny with policy reference and risk breakdown | | rate_limit_check | Per-minute/hour/day rate limit enforcement |

| Tool | Purpose | |------|---------| | payment_policy_check | Amount limits, recipient allow/denylists, network rules, counterparty risk | | spend_limit_check | Daily spend limits per agent (default/trusted tiers) | | secret_exposure_check | Scan for API keys, tokens, PII (8 patterns) | | payload_safety_check | Detect prompt injection, XSS, SQL injection, code injection | | replay_guard_check | SHA256 fingerprint deduplication within time window |

| Tool | Purpose | |------|---------| | cross_tool_anomaly_check | Detect suspicious tool sequences (5 predefined attack patterns) | | scope_check | RBAC with 5 roles (admin, compliance_officer, analyst, agent, readonly) | | session_validate | Session lifecycle with TTL, call budgets, scope binding | | tenant_policy_check | Multi-tenant governance (4 tenants: default, fintech_eu, defi, enterprise_read) | | threat_intel_check | Entity verification ag