Why we built this
A few months ago, we started scanning for exposed agentic workflows and discovered over 42,000 instances that were unintentionally leaking sensitive environment variables, API keys, or providing unrestricted shell access to anyone who could find the endpoint.
As agents move from "chatbots" to "autonomous actors," the attack surface is exploding. We wanted a way to audit these agents before they go live and protect them while they're running.
How it works
AgentShield is API-first. You point it at your agent's endpoint or pipe your agent's internal logs/trace through our scanner.
• Speed: Scans typically take under 2 seconds.
• 110+ Checks: We look for prompt injection vulnerabilities, insecure tool-calling patterns, PII leakage, and "jailbreak" attempts.
• Firewall Mode: It can act as a proxy to intercept and block malicious tool calls (e.g., an agent suddenly trying to rm -rf /) before they execute.
The Stack
The core engine is built with Python, utilizing a highly optimized set of 110+ regex patterns and heuristic analysis for rapid detection without the latency of calling another LLM to "verify" the first one.
We're also experimenting with crypto-native infrastructure; our professional tier (post-beta) will support payments via USDC to keep the service accessible to global/anon developers.
Hi HN,
We're building AgentShield (https://agentshield.live (https://agentshield.live/)), a security-first firewall and vulnerability scanner designed specifically for autonomous agents.
Why we built this A few months ago, we started scanning for exposed agentic workflows and discovered over 42,000 instances that were unintentionally leaking sensitive environment variables, API keys, or providing unrestricted shell access to anyone who could find the endpoint.
As agents move from "chatbots" to "autonomous actors," the attack surface is exploding. We wanted a way to audit these agents before they go live and protect them while they're running.
How it works AgentShield is API-first. You point it at your agent's endpoint or pipe your agent's internal logs/trace through our scanner.
• Speed: Scans typically take under 2 seconds. • 110+ Checks: We look for prompt injection vulnerabilities, insecure tool-calling patterns, PII leakage, and "jailbreak" attempts. • Firewall Mode: It can act as a proxy to intercept and block malicious tool calls (e.g., an agent suddenly trying to rm -rf /) before they execute.
The Stack The core engine is built with Python, utilizing a highly optimized set of 110+ regex patterns and heuristic analysis for rapid detection without the latency of calling another LLM to "verify" the first one.
We're also experimenting with crypto-native infrastructure; our professional tier (post-beta) will support payments via USDC to keep the service accessible to global/anon developers.
Try it out We are currently in a free beta. You can run your first scan at https://agentshield.live (https://agentshield.live/).
Use code BETA5 to unlock the full testing suite.
We'd love to hear your thoughts on the detection logic and what specific "agent-fail" scenarios you're most worried about.
Thanks!