Security Layer for AI Agents
Protect agentic workflows with command risk analysis, CVE scanning, sandboxed execution, security dashboard, and session auditing — works with every AI coding assistant on macOS, Linux, and Windows.
Open source security tool • Built for developers
Get Started in 30 Seconds
Four simple steps to secure your entire development workflow
Install
One-line installation for macOS, Linux, and Windows. Supports automatic updates and multiple installation methods.
# macOS & Linux (recommended)
curl -fsSL https://raw.githubusercontent.com/xadnavyaai/vectra-guard/main/install.sh | bash
# Windows (PowerShell, no admin required)
irm https://raw.githubusercontent.com/xadnavyaai/vectra-guard/main/scripts/install-windows.ps1 | iex
# Or download latest release (v0.6.0)
# See https://github.com/xadnavyaai/vectra-guard/releases/latest
# Verify installation
vectra-guard version
Initialize
Set up global configuration, enable features, and sync CVE database for vulnerability scanning
# Initialize global config (~/.config/vectra-guard/config.yaml)
vg init
# Or repo-scoped config (.vectra-guard/config.yaml)
vg init --local
# Enable soft delete (optional but recommended)
# Edit config.yaml:
# soft_delete:
#   enabled: true
#   auto_delete: true
# Sync CVE database for vulnerability scanning
vg cve sync --path .
Seed Agent Instructions
Configure your AI coding assistants (Cursor, Copilot, OpenClaw, etc.) to use Vectra Guard automatically
# Seed instructions for all supported agents
vg seed agents --target . --targets "agents,cursor"
# OpenClaw: auto-detects ~/.openclaw and merges safely
vg seed agents --targets openclaw
# Use --yes to skip confirmation (CI/scripts)
vg seed agents --targets openclaw --yes
# This creates:
# ✅ .cursor/rules/vectra-guard.md (Cursor)
# ✅ AGENTS.md (Generic agents)
# ✅ ~/.openclaw/AGENTS.md (OpenClaw — auto-detected)
Start Using
Execute commands safely with protection, CVE scanning, and automatic backups
# Start a tracked session
SESSION=$(vg session start --agent "cursor-ai")
export VECTRAGUARD_SESSION_ID=$SESSION
# Run protected commands (with soft delete)
vg exec -- npm install
vg exec -- rm old-file.txt # Automatically backed up!
# Scan for vulnerabilities
vg cve scan --path .
# Restore deleted files if needed
vg restore list
vg restore <backup-id>
What's Next?
Explore advanced features like sandbox configuration, trust management, and custom security policies
Seamless Agent Integration
Seed security rules directly into your AI agent's context
OpenClaw
Featured Integration
Local AI assistant with full system access — browser automation, shell commands, and file operations. VectraGuard auto-detects your OpenClaw install and merges security instructions without overwriting your custom rules.
VectraGuard detects ~/.openclaw/ (or env override), confirms the path interactively, and wraps its section in <!-- vectraguard:begin/end --> markers. Re-runs update only the marked section — your custom instructions are always preserved.
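The marked-section merge described above, sketched in Python as an added example (not VectraGuard's own code). It assumes the shorthand expands to `<!-- vectraguard:begin -->` and `<!-- vectraguard:end -->`; the function name, the `unchanged` status and the refusal on unbalanced markers are this example's choices.

```python
# Assumed expansion of the page's "<!-- vectraguard:begin/end -->" shorthand.
BEGIN = "<!-- vectraguard:begin -->"
END = "<!-- vectraguard:end -->"


class MarkerError(ValueError):
    """The existing file has unbalanced, repeated or reversed markers."""


def merge_managed_section(existing: str, managed: str) -> tuple[str, str]:
    """Return (new_text, action).

    action is 'merged' on first run, 'updated' when the marked section
    changed, and 'unchanged' (a status added by this example) otherwise.
    """
    block = f"{BEGIN}\n{managed.strip()}\n{END}"
    begins, ends = existing.count(BEGIN), existing.count(END)
    if begins == 0 and ends == 0:
        # First run: append the managed block, keep everything the user wrote.
        sep = "" if not existing else ("\n" if existing.endswith("\n") else "\n\n")
        return f"{existing}{sep}{block}\n", "merged"
    start, stop = existing.find(BEGIN), existing.find(END)
    if begins != 1 or ends != 1 or stop < start:
        # Ambiguous layout: refuse rather than guess and clobber custom rules.
        raise MarkerError(f"expected one begin/end pair, found {begins}/{ends}")
    # Replace only the bytes between (and including) the markers.
    new_text = existing[:start] + block + existing[stop + len(END):]
    return new_text, ("unchanged" if new_text == existing else "updated")


if __name__ == "__main__":
    # Constructed sample: a user's own AGENTS.md content and two rule versions.
    custom = "# My rules\nNever push to main.\n"
    rules_v1 = "Run shell commands through vg exec."
    rules_v2 = "Run shell commands through vg exec and scan with vg cve scan."

    text, action = merge_managed_section(custom, rules_v1)
    print(action)                      # first run appends the marked block
    text, action = merge_managed_section(text, rules_v1)
    print(action)                      # identical re-run changes nothing
    text, action = merge_managed_section(text, rules_v2)
    print(action)                      # only the marked section is rewritten
    print(text.startswith(custom))     # custom instructions are preserved
```
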
# Auto-detects ~/.openclaw and prompts to confirm
vg seed agents --targets openclaw
# OpenClaw detected (default)
# State directory: ~/.openclaw
# Destination: ~/.openclaw/AGENTS.md
# Confirm? [Y/n/custom path]: y
#
# [~] ~/.openclaw/AGENTS.md 2.3 KB (merged)
# Non-interactive / CI — skip the prompt
vg seed agents --targets openclaw --yes
# Re-run is idempotent — updates only the marked section
# [~] ~/.openclaw/AGENTS.md 2.3 KB (updated)
Cursor
IDE-native rules for Cursor AI assistant
.cursor/rules/vectra-guard.md
Claude Code
Project instructions for Claude Code CLI
CLAUDE.md
GitHub Copilot
Agent instructions for Copilot Workspace
.github/copilot-instructions.md
VS Code
Security instructions for VS Code agents
.vscode/vectra-guard.instructions.md
Windsurf
Rule files for Windsurf AI editor
.windsurf/rules.md
Codex
Instruction set for OpenAI Codex agent
CODEX.md
See It In Action
Interactive demos showing how Vectra Guard protects your development workflow
Blocking Dangerous Commands
See how Vectra Guard prevents destructive operations
Security Without Compromise
Everything you need to protect your development workflow — from AI agents to production deployments.
Command Risk Guard
Blocks dangerous operations automatically before they hit your system.
Smart Sandboxing
Isolates risky actions in secure environments with intelligent caching.
CVE Scanning
Flags packages with known vulnerabilities before installation.
Soft Delete
Automatic backup system with restore capability for safe file operations.
Session Auditing
Track what ran, who ran it, and why — perfect for compliance.
10x Faster Installs
Cache-mounted dependencies make sandboxed installs blazing fast.
Explainable Risk
Human-friendly explanations for why something is risky.
Trust Store
Trust common commands once to skip sandbox on repeated runs.
Security Dashboard
Live event feed, risk charts, session management, and CVE data via vg serve.
Cross-Platform
Native support for macOS, Linux, and Windows with full feature parity.
Real-Time Protection
Analyze and protect commands as they're executed.
Agent-Friendly
Works seamlessly with Cursor, VS Code, Copilot, and OpenClaw workflows.
VectraGuard Enterprise
Security operations center for AI-powered teams
Real-time threat dashboard with OWASP LLM Top 10 coverage
Session audit trail with filtering and CSV export
Agent monitoring with risk scoring and violation tracking
Policy management — injection detection, rate limits, redaction
Attack simulator with preset injection patterns
Google SSO with admin access control
Install. Protect. Done.
30 seconds to production-ready security
Open Source
Free forever. Apache 2.0 licensed.
# 1. Install
curl -fsSL https://raw.githubusercontent.com/xadnavyaai/vectra-guard/main/install.sh | bash
# 2. Initialize
vg init --local
# 3. Protect everything
vg exec -- npm install
vg cve scan --path .
Enterprise
Cloud dashboard for teams and organizations.