Simulate a tool call and see if the active policy allows or denies it.
Upload JSON policies that gate which tool calls are allowed. Fail-closed by default.
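Tamper-evident HMAC-SHA256 hash chain. Every policy and evaluation is signed. HMAC is a keyed MAC, so verifying these signatures requires the same secret key that produced them.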
| # | Action | Tool | Result | Hash | Time |
|---|---|---|---|---|---|
| No chain entries yet. | | | | | |
Drop-in shield for your AI agents. Works in Node.js and edge runtimes.
npm install @inneri/secure-shield
import { AgentShield } from '@inneri/secure-shield';
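// Init with your policy server.
// Fail fast when the API key is missing, rather than constructing a client
// with `apiKey: undefined` and only finding out on the first evaluation.
const apiKey = process.env.SECURE_API_KEY;
if (!apiKey) {
  throw new Error('SECURE_API_KEY is not set');
}
const shield = new AgentShield({
  serverUrl: 'https://secure.shapeos-3.polsia.app',
  apiKey,
});

// Describe the tool call once, so the request that is evaluated and the
// request that is executed cannot drift apart.
const toolCall = {
  tool: 'delete_file',
  params: { path: '/tmp/cache.json' },
};

// Before every tool call: evaluate() is awaited, so it is asynchronous, and
// its verdict must be checked before the tool runs. If the awaited call
// rejects, the exception propagates and the tool call below is never reached.
const { allowed, reason } = await shield.evaluate(toolCall);
if (!allowed) {
  // e.g. "Tool blocked: No matching rule for tool "delete_file" — fail-closed default"
  throw new Error(`Tool blocked: ${reason}`);
}

// The policy allowed this call — proceed with the same tool and params.
// An allow verdict means the call matched the policy, not that it is safe.
await agent.runTool(toolCall.tool, toolCall.params);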
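// Upload a policy to the gateway.
// Resolve the internal domain up front: an unset INTERNAL_DOMAIN would
// otherwise put `not_contains: undefined` into the deny rule, and how the
// gateway treats an undefined constraint is not shown here.
const internalDomain = process.env.INTERNAL_DOMAIN;
if (!internalDomain) {
  throw new Error('INTERNAL_DOMAIN is not set');
}

await shield.loadPolicy('default', {
  version: '1.0',
  rules: [
    {
      id: 'allow-temp-reads',
      tool: 'read_file',
      // NOTE(review): starts_with is presumably a plain string-prefix test.
      // Confirm whether the gateway normalises paths. If it does not,
      // canonicalise the path in the agent before calling evaluate(), and
      // hand that same canonical path to the tool.
      params: { path: { starts_with: '/tmp/' } },
      action: 'allow',
      reason: 'Read from /tmp only',
    },
    {
      id: 'deny-external-net',
      tool: 'http_request',
      // NOTE(review): not_contains is presumably a substring test over the
      // whole URL string, not a comparison of the host. Prefer parsing the
      // URL in the agent and evaluating the hostname as its own parameter.
      // This policy has no allow rule for http_request, so under the
      // fail-closed default a request that does not match this deny rule
      // still has no matching rule.
      params: { url: { not_contains: internalDomain } },
      action: 'deny',
      reason: 'No external HTTP without opt-in',
    },
  ],
});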
/**
 * Verdict for a single tool call. Its fields match the `{ allowed, reason }`
 * pair destructured from `shield.evaluate()` in the usage example.
 */
interface EvaluationResult {
// True when the policy permits the call; the usage example throws instead of running the tool when this is false.
allowed: boolean;
// Human-readable explanation of the verdict, e.g. the "No matching rule … fail-closed default" text shown in the usage example.
reason: string;
}
/**
 * One rule inside a policy document passed to `shield.loadPolicy()`.
 *
 * NOTE(review): the precedence between rules (first match, deny-overrides, …)
 * is not shown on this page; confirm it before mixing allow and deny rules
 * for the same tool.
 */
interface PolicyRule {
// Identifier for the rule (the examples use names such as 'allow-temp-reads').
id: string;
// NOTE(review): behaviour when `tool` is omitted is not shown — confirm whether that matches every tool.
tool?: string; // glob: '*' matches all
// Optional constraints on the tool call's parameters, keyed by parameter name.
params?: ParamConstraint;
// Verdict applied when the rule matches.
action: 'allow' | 'deny';
// Explanation attached to the rule (the examples use short human-readable text).
reason: string;
}
/**
 * Constraints on a tool call's parameters. Each key is a parameter name
 * (the examples use `path` and `url`) mapped to one or more operators.
 *
 * NOTE(review): how several operators on one parameter combine (all must
 * hold, or any) is not shown on this page — confirm before relying on it.
 * NOTE(review): the string operators are presumably plain string
 * comparisons; normalise paths and URLs in the agent before evaluation.
 */
interface ParamConstraint {
[key: string]: {
// Equality operators accept string or number operands.
equals?: string | number;
not_equals?: string | number;
// Substring operators (string operands only).
contains?: string;
not_contains?: string;
// Prefix operators (string operands only).
starts_with?: string;
not_starts_with?: string;
// NOTE(review): the regex dialect, anchoring and any evaluation time limit are not shown — confirm, especially if policies can be uploaded by less-trusted parties.
regex?: string;
// Set of string values; unlike `equals`, numbers are not part of the declared type.
in?: string[];
};
}