# AgentShield π‘οΈ
> The CrowdStrike for AI Agents β Real-time security monitoring, threat detection, and runtime protection for LLM-powered agents.
[](https://pypi.org/project/agentshield-python/)
[](https://pypi.org/project/agentshield-monitor/)
> π **100% Free & Open Source** β All features available to everyone. No paid plans, no paywalls, no credit card required. Ever.
```
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AGENTSHIELD ARCHITECTURE β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ£
β β
β Your AI Agents AgentShield Platform β
β ββββββββββββββ βββββββββββββββββββ β
β β
β βββββββββββββββ ββββββββββββββββββββββββββββββββββββββββ β
β β LangChain ββββ β FastAPI Server β β
β βββββββββββββββ β β β β
β βββββββββββββββ β SDK β ββββββββββββ βββββββββββββββββββ β β
β β CrewAI ββββΌβββββββββββΊ β β Threat β β Alert Manager β β β
β βββββββββββββββ β (events) β βDetection β β β β β
β βββββββββββββββ β β ββββββββββββ βββββββββββββββββββ β β
β β AutoGen ββββ€ β ββββββββββββ βββββββββββββββββββ β β
β βββββββββββββββ β β β Policy β β Anomaly Engine β β β
β βββββββββββββββ β β βEnforcer β β β β β
β β OpenAI SDK ββββ β ββββββββββββ βββββββββββββββββββ β β
β βββββββββββββββ β β β
β β ββββββββββββββββββββββββββββββββ β β
β β β PostgreSQL / SQLite β β β
β β ββββββββββββββββββββββββββββββββ β β
β βββββββββββββββββββ¬βββββββββββββββββββββ β
β β WebSocket β
β βΌ β
β ββββββββββββββββββββββββββββββββββββββββ β
β β React SOC Dashboard β β
β β β’ Real-time event feed β β
β β β’ Alert management β β
β β β’ Session replay β β
β β β’ Policy editor β β
β β β’ Analytics & trends β β
β ββββββββββββββββββββββββββββββββββββββββ β
β β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
```
## What is AgentShield?
AgentShield provides comprehensive security observability and runtime protection for AI agents. As autonomous AI systems gain access to sensitive tools and data, the attack surface grows dramatically. AgentShield acts as a security layer between your agents and the world.
## Key Features
- **π Universal Agent Monitoring** β Instrument LangChain, CrewAI, AutoGen, OpenAI Agents SDK, or any custom agent with one line of code
- **π¨ Real-time Threat Detection** β Detect prompt injection, PII leakage, data exfiltration, and scope creep as they happen
- **π Policy Enforcement** β Define security policies that BLOCK, ALERT, LOG, or RATE_LIMIT suspicious behavior
- **π¬ Session Replay** β Full timeline replay of every agent action for incident investigation
- **π SOC Dashboard** β Real-time security operations center with alerts, analytics, and session management
- **π Kill Switch** β Instantly terminate any running agent session
- **π§ Threat Intelligence** β Built-in library of 200+ known prompt injection, jailbreak, and exfiltration patterns
- **π’ Multi-tenant** β Organization-based access control with API key management
## Quick Start
### 1. Install the SDK
```bash
pip install agentshield-sdk
```
### 2. Protect your agent
```python
import agentshield
# Zero-config protection
agentshield.init(api_key="your-api-key", server_url="http://localhost:8000")
# Wrap your agent
protected_agent = agentshield.protect(your_agent)
# Run it β AgentShield monitors everything
result = protected_agent.run("Your task here")
```
### 3. Start the platform
```bash
# Using Docker Compose
cd infra && docker-compose up -d
# Dashboard available at http://localhost:3000
# API available at http://localhost:8000
# API docs at http://localhost:8000/docs
```
## Installation
### SDK
```bash
pip install agentshield-sdk
```
### Server (Development)
```bash
cd server
pip install -r requirements.txt
uvicorn main:app --reload
```
### Dashboard
```bash
cd dashboard
npm install
npm run dev
```
### CLI
```bash
pip install agentshield-cli
agentshield init
```
## Architecture
| SDK | Python | Agent instrumentation & local detection |
| Server | FastAPI + SQLAlchemy | Event ingestion, threat analysis, API |
| Dashboard | React + Vite + TailwindCSS | SOC UI, real-time monitoring |
| CLI | Click | Developer tooling |
| Threat Intel | JSON patterns + Python engine | Known attack pattern matching |
| Infra | Docker + Kubernetes | Deployment |
## Detection Capabilities
| Prompt Injection | Pattern matching + ML scoring | ALERT |
| PII Leakage | Regex + NER patterns | BLOCK |
| Data Exfiltration | Size analysis + base64 detection | BLOCK |
| Jailbreak Attempts | Pattern library matching | ALERT |
| Scope Creep | Resource access monitoring | ALERT |
| Anomalous Behavior | Statistical baseline deviation | ALERT |
| Rapid API Calls | Rate pattern analysis | RATE_LIMIT |
## Documentation
- [Quick Start Guide](docs/quickstart.md)
- [SDK Reference](docs/sdk-reference.md)
- [Server API Reference](docs/server-api.md)
- [Policy Configuration](docs/policies.md)
- [Threat Model](docs/threat-model.md)
- [Deployment Guide](docs/deployment.md)
- [Architecture Deep Dive](docs/architecture.md)
## License
MIT β see [LICENSE](LICENSE)