Frequently asked questions
Everything you need to know about how AgentGuards works, integrates, and is metered.
- Where is the service hosted?
- Our frontend and backend are deployed on AWS (eu-north-1 region). All traffic is served over HTTPS via an Application Load Balancer with ACM certificates.
- How do I integrate AgentGuards?
- The quickest path is our MCP server — one command wires it into Claude Code, VS Code Copilot, or Codex. You can also call the REST API directly. See the integration guide →
- What checks does AgentGuards run?
- Every request goes through up to 10 layered checks: prompt injection, jailbreak detection, PII detection, secret detection, data exfiltration, toxicity, restricted topics, web-content injection, an LLM semantic check, and a PromptGuard ML classifier. Checks short-circuit on the first confirmed threat.
- Does AgentGuards store my prompts?
- No. We scan prompt content in memory and discard it immediately. Only metadata — request counts, token counts, blocked event types — is persisted for your usage dashboard.
- Which LLMs and frameworks are supported?
- AgentGuards is model-agnostic. It sits in front of any LLM call as an HTTP guardrail. Native integrations exist for Claude Code, Gemini CLI, OpenAI Codex, and VS Code GitHub Copilot.
- What happens when a threat is detected?
- The request is blocked before it reaches the model. You receive a JSON response with decision: "block" and a per-check breakdown showing which check triggered and why. Your LLM is never called.
- Can I configure which checks run?
- Yes. Every check can be toggled on or off per tenant from your dashboard. Individual and higher plans can also edit custom detection patterns.
- What counts as a request?
- Each guardrail evaluation — an input check, output validation, action authorization, policy evaluation, or gateway completion — is one metered request.
- What happens when I hit my monthly limit?
- Requests beyond your plan's included quota are paused until the next cycle or an upgrade. You'll see usage and remaining quota in your dashboard, and we warn you before you run out.
- Can I bring my own model key?
- Yes. The optional LLM-judge check runs on your own OpenAI key, so that spend stays on your account.
- Do you offer on-prem?
- Enterprise can deploy in your own VPC or on-prem, with SLA, SSO, and a security review.