AgentShield v1.0.0 Released — Runtime Security for AI Agents

[hidearmoon]

We're excited to open-source AgentShield, a runtime security layer that sits between AI agents and their tools.

What it does

Every tool call your agent makes passes through a multi-layer security pipeline:

• Trust-aware data flow — 5-tier trust model computed server-side
• 3-layer intent consistency detection — Rule Engine (μs) → Anomaly Detector (μs) → Semantic Checker (ms)
• Two-phase call architecture — data extraction and action execution are physically separated
• Merkle tree audit trail — tamper-proof, hash-chained decision history
• Policy DSL — define security rules in YAML, no code required

What's included

• Core security engine (FastAPI)
• Transparent sidecar proxy
• Management console (React UI)
• SDKs for Python, TypeScript, and Go
• Drop-in integrations for LangChain, CrewAI, AutoGen, Claude Agent SDK
• 342 tests (218 unit + 92 security + 32 SDK)
• Docker Compose full-stack deployment

Get involved

We've created several good first issues including an OpenClaw plugin, MCP middleware, and expanding our prompt injection test corpus. All contributions welcome!

Check out the README to get started.