Open Source Agent Firewall
Pipelock scans HTTP, WebSocket, and MCP traffic for credential leaks, prompt injection, SSRF, and tool poisoning. Policy at the point of action, not after the fact.
Detect
11-layer scanner pipeline. 48 DLP patterns. A2A scanning. Encoded payload handling. Catches threats across HTTP, WebSocket, and MCP.
Enforce
OR-composed kill switch. Adaptive escalation. Process sandbox (Linux + macOS). MCP tool policy with redirect. Fail-closed on every path.
Prove
Evidence for every machine operation. Flight recorder. Signed assessments. Compliance mappings for OWASP, NIST, EU AI Act. 24+ attack simulations.
Capabilities
What Pipelock Covers
Data Loss Prevention
48 credential patterns with checksum validation. Base64, hex, URL, and Unicode encoding-aware.
Prompt Injection
25 detection patterns. 6-pass normalization covering zero-width chars, homoglyphs, and leetspeak.
MCP Security
Tool poisoning detection, rug-pull tracking, policy engine with redirect, session binding, and chain detection.
Process Sandbox
Landlock + seccomp + network namespaces on Linux. sandbox-exec on macOS. Per-agent profiles with strict mode.
Adaptive Enforcement
Per-session threat scoring. Three escalation levels. Auto-recovery after clean traffic. No permanent lockouts.
Compliance Evidence
OWASP MCP Top 10, Agentic Top 10, MITRE ATLAS, EU AI Act, SOC 2, NIST 800-53 mappings. Signed reports.
A2A Protocol Scanning
Agent-to-agent traffic inspection. Agent Card validation, header and body scanning for multi-agent systems.
Flight Recorder
Hash-chained, tamper-evident evidence log. Every decision recorded with cryptographic proof of ordering.
IDE Integration
One-command setup for Claude Code, Cursor, VS Code, and JetBrains. Works with any HTTPS_PROXY agent.
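The hash-chained, tamper-evident log described under Flight Recorder, as an added sketch that is not Pipelock's own code or record format: each record stores the SHA-256 of its predecessor, so editing, removing or reordering an entry breaks verification. The field names, the `GENESIS` anchor, the function names and the sample decisions are assumptions made for this example.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed anchor value that the first record links to


def record_hash(prev_hash, seq, decision):
    # Canonical JSON so the same record always hashes to the same bytes.
    body = json.dumps({"prev": prev_hash, "seq": seq, "decision": decision},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def append(log, decision):
    """Append a decision record linked to the hash of the previous record."""
    prev_hash = log[-1]["hash"] if log else GENESIS
    seq = len(log)
    record = {"seq": seq, "prev": prev_hash, "decision": decision,
              "hash": record_hash(prev_hash, seq, decision)}
    log.append(record)
    return record


def verify(log, expected_head=None):
    """Return (True, None), or (False, index of the first bad record)."""
    prev_hash = GENESIS
    for i, rec in enumerate(log):
        if rec["seq"] != i or rec["prev"] != prev_hash:
            return False, i  # reordered, removed or spliced record
        if rec["hash"] != record_hash(rec["prev"], rec["seq"], rec["decision"]):
            return False, i  # record content edited after the fact
        prev_hash = rec["hash"]
    # Cutting records off the tail leaves a valid chain, so compare against
    # a head hash that was stored or signed outside the log.
    if expected_head is not None and prev_hash != expected_head:
        return False, len(log)
    return True, None


def sample_log():
    # Constructed sample decisions, not real proxy output.
    log = []
    for d in [{"action": "allow", "url": "https://example.com/docs"},
              {"action": "block", "reason": "dlp", "url": "https://example.net/u"},
              {"action": "allow", "url": "https://example.org/api"}]:
        append(log, d)
    return log
```

The chain alone proves ordering and integrity only relative to its latest hash; truncation is caught only when that head hash is kept or signed somewhere the log writer cannot rewrite.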
Evidence
Monitor. Block. Prove.
Get Started
Two minutes to protection
Works with Claude Code, Cursor, VS Code, JetBrains, or any agent that speaks HTTP.


