Skip to main content
Use case · Security
Block exfil and poisoning at the loop
Stop unsafe MCP tool calls at the agent loop — exfiltration, tool-poisoning, and SSRF — and hand auditors a tamper-evident, hash-chained trail of every decision.
On-deviceenforcement, no proxy
Metadata-onlycapture, no payloads
6control surfaces
Ed25519signed releases
14tools supported
8.5MBon-device agent
What security gets
Blocked before execution, proved on the ledger
Exfil blocked on-device
Stop the unsafe call at the loop, not in a log you read hours later.
Hash-chained audit trail
A tamper-evident ledger any auditor can verify down to the single call.
SSRF protection
k-anonymized detections add threats other orgs saw, never your data.