explaingit

whitzardagent/agentguard

Analysis updated 2026-05-18

52PythonAudience · developerComplexity · 4/5LicenseSetup · moderate

TLDR

A security checkpoint that reviews and approves, blocks, or escalates tool calls made by AI agents.

Mindmap

mindmap
  root((AgentGuard))
    What it does
      Checks agent tool calls
      Blocks or approves actions
      Tracks multi step chains
    Tech stack
      Python
      Docker
      Policy rule language
    Use cases
      Stop risky agent actions
      Audit agent decisions
      Manage many agents centrally
    Audience
      AI developers
      Security teams
      Agent framework users

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Block an AI agent from emailing sensitive data it just read from a file

USE CASE 2

Require human approval before an agent runs a risky command

USE CASE 3

Audit which tools an agent called and why a request was denied

USE CASE 4

Centrally manage access rules across many deployed agents

What is it built with?

PythonDockerLangChainAutoGenOpenAI Agents SDK

How does it compare?

whitzardagent/agentguardamaravijayalakshmi216-collab/crop-recommendation-systembiansy000/mda
Stars525252
LanguagePythonPythonPython
Setup difficultymoderatemoderatehard
Complexity4/52/55/5
Audiencedeveloperresearcherresearcher

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 1h+

Requires Docker and a running control server before agents can connect.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

AgentGuard is a Python project that adds access control to AI agents that use external tools. When an AI agent, built on a framework like LangChain, AutoGen, or OpenAI's Agents SDK, wants to call a tool such as sending an email or running a shell command, AgentGuard checks the action against a set of policies before allowing it to proceed. Those policies are written in a standalone rule language rather than hard-coded into application logic. A policy can examine the agent's identity and trust level, the specific tool being called, the arguments being passed, and what the agent did earlier in the same session. This makes it possible to write rules like "if a low-trust agent reads a sensitive file and then tries to send an email, block it," covering multi-step patterns rather than just single tool calls. Policy conditions support numeric comparisons, set membership checks, regex matching, and combinations using AND, OR, and NOT. When a rule is triggered, AgentGuard can allow the action, block it outright, send it to a human for approval, or route it to an LLM for review. Policies can apply before a tool runs, after it finishes, or when it fails, depending on what the policy requires. Agents and tools can also be tagged with labels like trust level, boundary, and sensitivity, which policies can reference to apply differentiated controls. Adding AgentGuard to an existing agent requires minimal code changes using one of the provided adapters. The framework does not modify the agent's planning or reasoning code, it wraps only the tool layer. Adapters are currently available for LangChain, AutoGen, and the OpenAI Agents SDK, with more planned. A web console is included for configuring policies without writing rule code by hand. The dashboard shows real-time traffic, pending approval requests, and a full audit log explaining why each tool call was allowed or blocked. For teams running agents across multiple machines, AgentGuard uses a centralized server to manage policies and monitoring across the fleet. Docker is required to run the control server. The project is released under the MIT license.

Copy-paste prompts

Prompt 1
Show me how to write an AgentGuard policy that blocks an agent from emailing a file it just read from disk
Prompt 2
Help me integrate AgentGuard with a LangChain agent I already built
Prompt 3
Explain how AgentGuard policies can catch a multi-step attack chain across tool calls
Prompt 4
Set up a Docker-based AgentGuard control server for testing

Frequently asked questions

What is agentguard?

A security checkpoint that reviews and approves, blocks, or escalates tool calls made by AI agents.

What language is agentguard written in?

Mainly Python. The stack also includes Python, Docker, LangChain.

What license does agentguard use?

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

How hard is agentguard to set up?

Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.

Who is agentguard for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.