Skip to main contentSkip to navigation

Guardrail
enforces reality.

It's not another linter. It's the system that decides: can the agent continue, and can this ship?

guardrail scanrunning
Loading demo...
v1.0.0secure

Real-time security scanning in your terminal

The problem

AI builds fast. It can't tell you if it works.

Demo billing that fakes success

MockProvider in production

Localhost URLs in config

Silent error swallowing

Hallucinated APIs

Hardcoded test credentials

Guardrail blocks the deploy until it's real.

Smart context.
Zero effort.

Give your AI the right context automatically.

Semantic Search

Find anything with natural language queries.

Command
guardrail context --search "auth hook"

TF-IDF ranked results

Security Scan

Detect secrets and vulnerabilities instantly.

Command
guardrail context --scan

Exact file locations

AI Decomposition

AI picks the perfect context for your task.

Command
guardrail context --decompose "add auth"

Smart token limits

Multi-Repo

Federate context across all your repos.

Command
guardrail context --federate

Shared patterns detected

Never leave
your editor.

CursorVS CodeClaude DesktopWindsurf

GO / NO-GO verdicts

Ship check with evidence and fix locations.

Catch mocks early

Find demo routes before they hit production.

Browser testing in-editor

Run Playwright flows without leaving your IDE.

Quick Setup

# Install MCP integration
Guardrail mcp install
# Start the local MCP server
Guardrail mcp start

Local-first. MCP connects your editor to Guardrail running on your machine.

MCP Tools:

ship_checkGO/NO-GO verdict with report output
ai_agent_testautonomous AI testing + fix prompts
reality_mode_testrun Reality Mode (Playwright) for a flow
mockproof_scanproduction import graph scan + violations
block_demo_patternsfind demo-success patterns in code
launch_checklistpre-launch verification wizard
generate_badgecreate Ship Badge artifacts

💬 Natural Language Commands (CLI)

Just tell Guardrail what you want in plain English:

"what's my status"
Project health check
"run ai agent"
AI-powered autonomous testing
"run reality mode"
Browser testing with Playwright
"block demo patterns"
Find demo-success patterns
"launch checklist"
Pre-launch verification
"enable mockproof gate"
Block mock data in prod
"generate ship badge"
Create status badge
"fix it"
Auto-fix detected issues

Run via CLI: guardrail "your command here"

Stop AI drift.
Enforce rules.

Keep your AI agents on a tight leash.

Injection Detection

Blocks jailbreaks and data exfiltration.

Hallucination Catching

Verifies packages exist before use.

Intent Matching

Code matches what you asked for.

Permission Sandbox

Granular filesystem and network controls.

Resource Limits

Memory, CPU, and token enforcement.

Audit Trail

Every AI action logged.

Million-Line Context

Analyzes entire codebases intelligently.

Safe Rollbacks

Checkpoint and revert any AI change.

guardrail-scan.log
BLOCKED
⚠ Prompt injection blocked
instruction_override • CRITICAL
⚠ Fake package caught
react-super-utils • npm
⚠ Shell command blocked
rm -rf • CRITICAL
3 issues blocked

CLI for verdicts. MCP for prevention.

CLI
  • When:Before deploy / in CI
  • What:Run flows, get GO/NO-GO, export reports
  • Output:Verdict + replay + fix list
MCP
  • When:While coding
  • What:Catch drift, validate AI claims, link fixes
  • Output:Inline warnings + file/line links

Test everything.
Write nothing.

Point at your URL. Get a score out of 100.

Auto-discovers all routes

Clicks every button safely

Fills and submits forms

Records video proof

CI-ready output

Reality Mode Report
85/100
Surface explored:
12 routes discovered and visited
8 forms filled and submitted
34 buttons clicked
2 console errors captured
Output files:
📹 videos/reality-run.webm
📄 reality-report.html
📊 junit-results.xml
Build Gate Status
BLOCKED
Import analysis from production entry:
✗ BLOCKED
MockProvider reachable
src/app/page.tsx → providers/mock.tsx
✗ BLOCKED
Demo route in production
src/app/api/demo/route.ts
Deploy blocked until fixed

No mocks
in production.

Build fails if mock code is reachable. Period.

MockProvider reachable → blocked

Demo routes in prod → blocked

Localhost in config → blocked

Seed data as real data → blocked

AI finds bugs.
AI writes the fix.

Autonomous testing that generates fix prompts.

GPT-4 Vision decides what to test

Finds edge cases humans miss

Generates fix prompts for your IDE

Screenshots at every step

Any framework supported

AI Agent Found Issue
SECURITY
🔴Login form missing CSRF token
AI attempted to submit login from external origin and succeeded. This is a cross-site request forgery vulnerability.
GENERATED FIX PROMPT
The login form is missing CSRF protection. Add a CSRF token to the login form: 1. Generate token server-side in /api/auth/csrf 2. Include hidden input in LoginForm.tsx 3. Validate token in /api/auth/login before processing This prevents cross-site request forgery attacks.

Paste this prompt into your AI editor. Watch it fix the issue in seconds.

Weekly Digest
AUTOPILOT
📊 Your week in review
Health Score92/100 🟢
Issues Fixed3 auto-fixed
Deploys Blocked1 (mock data)
PRs Created2 pending review
Next scan: Monday 9:00 AM

Set it.
Forget it.

Continuous protection on every push.

Weekly health digest

Auto-creates fix PRs

Blocks bad deploys

Slack alerts

Runs on every push

NEW

Deep Intelligence.
Real insights.

Six AI-powered analysis suites that go beyond surface-level scanning. Get actionable insights, not just warnings.

AI Intelligence

Deep code review with bug prediction, pattern learning, and smart recommendations.

Bug predictionCode reviewPattern learning

Security Scanner

25+ secret patterns, vulnerability detection, and threat analysis across your codebase.

Secret detectionVulnerability scanCompliance check

Architecture Health

Detect code smells, circular dependencies, and maintainability issues.

Code smellsDependency analysisComplexity metrics

Supply Chain

SBOM generation, license compliance, and CVE tracking for all dependencies.

SBOM generationLicense auditCVE tracking

Team Intelligence

Bus factor analysis, expertise mapping, and knowledge distribution insights.

Bus factorExpertise mapKnowledge gaps

Predictive Analytics

Quality trends, risk forecasting, and growth projections for your codebase.

Quality trendsRisk forecastGrowth projection
$ guardrail intelligence full# Run all 6 suites

3 steps.
Done.

Minutes to setup, not hours.

1

Install

npx @guardrail/cli init

2

Scan

guardrail ship

3

Autopilot

Set and forget

Start free →
Upgrade when it hurts

(we'll show you exactly when)

FREE

See what's broken

$0
  • Check with real results
  • Basic validation
  • 10 scans/month

VIBE

Control the agent

$39/month
  • Real-time checkpoint blocking
  • Fix-Only Mode
  • 100 scans/month
Most Popular

SHIP

Nothing broken ships

$89/month
  • Intent drift detection
  • Intent Lock Mode
  • CI gate + runtime verification
  • 500 scans/month

PROTECT

Automatic safety system

$149/month
  • Autopilot
  • Regressions
  • Weekly risk reports
  • Intelligence suites
  • Unlimited scans

ENTERPRISE

Evidence packs + compliance

$299/month
  • Policy workflows
  • Audit logs
  • SSO + multi-tenant
  • Custom integrations

Start with the Free plan or upgrade anytime. Cancel anytime.

Questions?

Questions?
Answers.

Can't find what you need?.

Because agents optimize for 'done', not 'true'. Guardrail enforces truth with deterministic gates and server-side constraints.
No. Guardrail checks wiring, scope, deploy readiness, and runtime reality.
Only when you're about to waste hours or ship a bug. That's the point.
Yes — scoped checks, incremental runs, and project-aware gates.

Still have questions?

Our team is here to help. Get in touch and we'll get back to you within 24 hours.

Stop shipping vibes.

Start shipping certainty.

No credit card required • Free tier available • Cancel anytime