Plans

Runtime security for AI agents — from solo builders to enterprise teams.

Basic

Solo builders running local agents

$4.99 /mo

Monitoring

  • Up to 500 events/day
  • Process + filesystem monitoring

Controls

  • Default block policies
  • Custom policy rules

Logging

  • 7-day log retention
  • Log export

Support

  • Community support
Request access
Recommended

Pro

Power users with multiple tools and plugins

$9.99 /mo

Monitoring

  • Unlimited events
  • Process, filesystem, and network

Controls

  • Default + custom policy rules
  • Approve/block/allow per tool

Logging

  • 90-day log retention
  • JSON + CSV export

Support

  • Email support (48h SLA)
Request access

Team

Small orgs managing agent fleets + compliance

$24.99 /mo

Monitoring

  • Unlimited events
  • Full stack + multi-agent

Controls

  • Custom + org-wide policies
  • Role-based access controls

Logging

  • 1-year retention
  • SIEM integration + API

Support

  • Dedicated onboarding + SLA
Request access

Trust and data handling

Local-first

Scans run on your machine. Agent behavior is analyzed locally before any data leaves.

What is stored

Event metadata and risk scores for audit logging. Full event details when retention is enabled.

What is never uploaded

File contents, credentials, API keys, or any data flagged as sensitive by policy.

Export your logs

Download your full audit history as JSON or CSV at any time.

Frequently asked questions

What does Runtime Guard monitor?

Runtime Guard monitors three categories of agent behavior: shell commands and process spawning, filesystem reads and writes, and outbound network requests. Each action is scored against your configured policy.

Does it upload my data?

No. Scans and policy evaluation run locally on your device. File contents, credentials, and sensitive data never leave your machine. Only event metadata (timestamps, risk scores, action types) is stored if you enable cloud audit logging.

How does blocking work?

When an agent attempts a high-risk action (like reading SSH keys or making an outbound request to an untrusted domain), Runtime Guard intercepts the call and applies your policy: block, require approval, or allow and log.

What about false positives?

Policies are configurable. If a legitimate action is blocked, you can adjust your rules to allow it. The "Balanced" mode is designed for minimal false positives; "Strict" mode blocks more aggressively and is suited for high-security workflows.

Which runtimes are supported?

Currently, Runtime Guard works with any tool-using agent on your local machine. Direct integrations for Ollama, OpenClaw, and a "Tool wrapper" SDK are planned for v0.3–0.4. See the roadmap for details.

Can I try it before paying?

Yes. Run a demo scan to see the event timeline and risk scoring in action. Join the waitlist for early access to the full product.

Is there a free tier?

We're evaluating a free tier with limited event monitoring. During beta, waitlist members will get extended trial access. Join the waitlist to be notified.