GitHub Repository

ongarde-llm content firewall

1 star · Python

OnGarde – Runtime content security proxy for self-hosted AI agents

by antimaterial · Feb 26, 2026 · 2 points · 1 comment

AI Analysis

Transparent proxy blocks agent leaks to LLM APIs without touching agent code.

Strengths
  • Zero code changes required: swap baseUrl, instant coverage for any OpenAI-compatible agent
  • Fail-safe architecture: blocks on error/timeout, not silent pass-through; 1,222 passing tests
  • PII, secret, injection, shell command detection with spaCy NER and pattern matching
Weaknesses
  • Detection heuristics not formally verified (unlike SkillFortify); false positives could break workflows
  • Relies on spaCy NER for PII, which has known gaps on structured formats (credit cards, SSNs)
Target Audience

Operators of self-hosted AI agents (OpenClaw, Agent Zero, CrewAI) in compliance environments

Similar To

Nightfall DLP · Persona (DLP) · Slack data loss prevention

Post Description

Built this because I had heard some horror stories about companies leaking PII from high compliance environments to ChatGPT. I wanted something that would auto-filter any dangerous traffic between my AI agent and the LLM API without requiring code changes in the agent itself.

The filtering list has expanded a bit to include PII, secret keys, and I've started a prompt injection library that's being filtered on as well.

The problem: self-hosted agent platforms (OpenClaw, Agent Zero, CrewAI) have no runtime content layer. If your agent leaks an API key, gets prompt injected, or decides to forward someone's SSN to GPT-4, nothing stops it. The platforms don't try to stop it either.

OnGarde is a proxy. You change one line in your config (swap baseUrl) and every request gets scanned before it leaves. Catches credentials, PII, prompt injection, dangerous shell commands. If the scanner fails, it blocks it; never silently passes through.

npx @ongarde/openclaw init handles the OpenClaw setup automatically. Also on PyPI if you're doing something custom.

Dashboard is localhost-only with a SQLite audit log. Nothing phones home.

v1 just shipped: https://github.com/AntimatterEnterprises/ongarde/releases/ta...

I am looking for feedback on this project. Let me hear your thoughts.
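As an added illustration of the fail-closed scanning design the post describes (block on scanner error or timeout, never pass through silently, local audit log), here is a small scanner-plus-policy sketch. It is not OnGarde's own code: the rule patterns, the rule names, the audit table schema and the two simulated scanner failures are all constructed for the example.

```python
import concurrent.futures
import hashlib
import re
import sqlite3
import time

# Constructed illustrative rules; OnGarde's real rule set is not shown on the page.
RULES = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "destructive_shell": re.compile(r"\brm\s+-rf\s+/"),
    "prompt_injection": re.compile(r"ignore (all )?previous instructions", re.I),
}

def scan(text):
    """Return the names of every rule that matches the outbound request text."""
    return [name for name, rx in RULES.items() if rx.search(text)]

def decide(text, scanner=scan, timeout=0.5):
    """Fail-closed policy: allow only when the scanner finished and found nothing."""
    pool = concurrent.futures.ThreadPoolExecutor(max_workers=1)
    try:
        findings = pool.submit(scanner, text).result(timeout=timeout)
    except concurrent.futures.TimeoutError:
        return "block", ["scanner_timeout"]
    except Exception as exc:  # scanner crashed (e.g. an NER model failed to load)
        return "block", [f"scanner_error:{type(exc).__name__}"]
    finally:
        pool.shutdown(wait=False)  # a hung scanner must not hold the request open
    return ("block", findings) if findings else ("allow", [])

def open_audit_log():
    """Local SQLite audit log that stores a hash of the content, never the content."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE audit (ts REAL, sha256 TEXT, decision TEXT, findings TEXT)")
    return conn

def proxy_request(conn, text, **kw):
    """Scan, record the verdict, and return it; the caller forwards only on 'allow'."""
    decision, findings = decide(text, **kw)
    digest = hashlib.sha256(text.encode()).hexdigest()
    conn.execute("INSERT INTO audit VALUES (?, ?, ?, ?)",
                 (time.time(), digest, decision, ",".join(findings)))
    conn.commit()
    return decision, findings

def hanging_scanner(text):  # constructed failure mode: scanner never returns in time
    time.sleep(1)
    return []

def crashing_scanner(text):  # constructed failure mode: scanner raises
    raise RuntimeError("model not loaded")
```

The audit row keeps only a SHA-256 of the request, so the log itself cannot become a second copy of the leaked secret or SSN.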

Similar Projects

Open Bias – proxy that enforces agent behavior at runtime

Local proxy enforcing markdown rules on LLM output before it hits production.

Nerve – self hosted runtime for AI agents

Self-hosted agent runtime with persistent memory and personality modes via SOUL.md files.
