Built for Real AI Agent Security

Practical controls for local scans, CI checks, and production workflows, with clear evidence your team can review.

Why teams pick SkillGate

One control plane from static scan to runtime enforcement, built for agent security teams.

Runtime Sidecar Enforcement

Block risky tool actions before they run across editor, local, and CI workflows.

  • Checks shell, network, and file actions before execution
  • Applies team policy consistently across environments
  • Returns clear allow or block outcomes with reasons
  • Powers VS Code extension preflight and Python SDK @enforce decisions
  • Continuously validated with capability testbed corpora built from real-world agent repos
  • Keeps security overhead low for developer workflows

Auth and Offline License Modes

Keep protections reliable with secure sessions and safe fallback behavior.

  • Verifies active access before sensitive operations
  • Supports limited-connectivity scenarios without silent bypass
  • Matches runtime limits to your active plan
  • Stores credentials safely in normal operation

MCP Gateway for Claude Code

Protect MCP tool paths before requests reach external providers.

  • Approves trusted providers and blocks unknown sources
  • Flags risky tool metadata before model exposure
  • Detects permission changes that exceed approved scope
  • Maintains an auditable trust history for integrations

Claude Ecosystem Governance

Protect Claude workspaces from unsafe configuration and prompt injection.

  • Scans instruction files such as CLAUDE.md and AGENTS.md
  • Checks hooks and plugins before risky capabilities are allowed
  • Tracks configuration changes that impact safety posture
  • Helps teams investigate and remediate incidents quickly

Codex Bridge and CI Guard Mode

Run Codex safely with policy checks and strict CI defaults.

  • Runs Codex through SkillGate safety checks by default
  • Blocks unexpected config changes before execution
  • Requires re-approval when provider binaries change
  • Prevents silent expansion of trusted commands and providers

Signed Audit Proof for Compliance

Generate records your security and compliance teams can trust.

  • Exports JSON and SARIF for existing security tools
  • Signs scan and runtime records for audit confidence
  • Preserves action history for incident response
  • Provides remediation context for blocked operations

Detection Rule Categories

Every rule has an ID, severity, weight, and clear description. No hidden scoring.

SG-SHELL-* (15+ rules): Shell Execution
  • subprocess, system(), exec, backticks, popen

SG-NET-* (12+ rules): Network Access
  • HTTP clients, raw sockets, server listeners

SG-FS-* (12+ rules): Filesystem
  • File writes, deletions, path traversal

SG-EVAL-* (12+ rules): Dynamic Execution
  • eval, exec, unsafe blocks, dynamic loading

SG-CRED-* (12+ rules): Credential Access
  • ENV access, hardcoded keys, secrets

SG-INJ-* (7+ rules): Code Injection
  • SQL injection, template injection, format strings

SG-OBF-* (5+ rules): Obfuscation
  • Base64 encoding, hex encoding, char codes
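As an added illustration of the rule model described above (every finding carries an ID, severity, weight and description, and the score is the plain sum of weights), here is a small AST-based scanner in Python run over a constructed skill file. This is not SkillGate's code: the rule IDs, weights, block threshold and matched call names are assumptions chosen for the demo, and the sample sources are constructed.

```python
"""Minimal rule-based static scanner in the style of the category table above.

Added example: the rule IDs, severities, weights and threshold are illustrative
assumptions, not SkillGate's real rule set; the scanned sources are constructed
and embedded inline so this runs offline.
"""
import ast
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    rule_id: str
    severity: str          # LOW / MEDIUM / HIGH / CRITICAL
    weight: int
    description: str
    calls: frozenset       # dotted call names this rule matches


# Hypothetical rule table: each rule has an ID, severity, weight and description.
RULES = [
    Rule("SG-SHELL-001", "HIGH", 40, "Spawns a shell or subprocess",
         frozenset({"subprocess.run", "subprocess.Popen", "subprocess.call",
                    "os.system", "os.popen"})),
    Rule("SG-EVAL-001", "CRITICAL", 30, "Dynamic code execution",
         frozenset({"eval", "exec", "compile"})),
    Rule("SG-CRED-001", "MEDIUM", 25, "Reads environment variables (possible secret access)",
         frozenset({"os.getenv", "os.environ.get"})),
    Rule("SG-NET-001", "MEDIUM", 30, "Opens an outbound network connection",
         frozenset({"requests.get", "requests.post", "socket.socket",
                    "urllib.request.urlopen"})),
]
BLOCK_THRESHOLD = 50   # assumed: total weight at or above this blocks


def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def scan_source(source: str):
    """Return (findings, score); each finding records rule metadata and the line."""
    tree = ast.parse(source)
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = dotted_name(node.func)
        if name is None:
            continue
        for rule in RULES:
            if name in rule.calls:
                findings.append({"rule": rule.rule_id, "severity": rule.severity,
                                 "weight": rule.weight, "line": node.lineno,
                                 "call": name, "description": rule.description})
    score = sum(f["weight"] for f in findings)
    return findings, score


def decide(findings, score):
    """Allow/block outcome with reasons: any CRITICAL finding or a score at or
    above the threshold blocks, so nothing is hidden behind an opaque number."""
    reasons = [f"{f['rule']} line {f['line']}: {f['description']} ({f['call']})"
               for f in findings]
    blocked = score >= BLOCK_THRESHOLD or any(f["severity"] == "CRITICAL" for f in findings)
    return ("BLOCK" if blocked else "ALLOW"), reasons


# Constructed sample skill sources (not real repositories).
SAMPLE_SKILL = '''
import os, subprocess
def run(cmd):
    token = os.getenv("API_TOKEN")
    return subprocess.run(cmd, shell=True)
'''

BENIGN_SKILL = '''
def add(a, b):
    return a + b
'''

if __name__ == "__main__":
    found, total = scan_source(SAMPLE_SKILL)
    verdict, reasons = decide(found, total)
    print(verdict, total)
    for reason in reasons:
        print("  ", reason)
```

The scanner resolves `a.b.c` call chains from the AST rather than grepping text, which avoids matching names that only appear in strings or comments; real rule sets also need to handle aliased imports and indirect calls, which this demo deliberately leaves out.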

Language Coverage

  • Python
  • JavaScript
  • TypeScript
  • Shell
  • Go
  • Rust
  • Ruby

Ship Claude Code and Codex workflows with guardrails

Start with runtime protections locally, then enforce the same guardrails for MCP and Codex in CI.

Built on regression testbeds that replay capability patterns from large public agent skill collections.

# Install

pip install skillgate

# Scan a skill

skillgate scan ./my-skill --enforce

# Verify a signed report

skillgate verify report.json
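To show what a verifiable signed scan record looks like in practice (the "Signed Audit Proof" feature and the `verify` step above), here is an added Python example that signs a JSON report and detects tampering. It is not SkillGate's code or report format: the report layout, the HMAC-SHA256 scheme and the key are assumptions for illustration, and the report contents are constructed.

```python
"""Sign and verify a JSON scan report so it can be checked later.

Added example: the report layout and the HMAC-SHA256 scheme are assumptions for
illustration, not SkillGate's actual signature format; the key below is a
constructed test value, not a real secret.
"""
import hashlib
import hmac
import json


def canonical_bytes(report: dict) -> bytes:
    """Serialize deterministically (sorted keys, no whitespace) so the same
    content always produces the same bytes regardless of key order."""
    body = {k: v for k, v in report.items() if k != "signature"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_report(report: dict, key: bytes) -> dict:
    """Return a copy of the report carrying an HMAC-SHA256 signature block."""
    digest = hmac.new(key, canonical_bytes(report), hashlib.sha256).hexdigest()
    signed = dict(report)
    signed["signature"] = {"alg": "HMAC-SHA256", "value": digest}
    return signed


def verify_report(signed: dict, key: bytes) -> bool:
    """True only if a signature block exists, names the expected algorithm,
    and matches the canonical bytes of everything except the signature."""
    sig = signed.get("signature")
    if not isinstance(sig, dict) or sig.get("alg") != "HMAC-SHA256":
        return False
    expected = hmac.new(key, canonical_bytes(signed), hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(expected, str(sig.get("value", "")))


# Constructed sample report and key (not real scanner output or a real secret).
SAMPLE_KEY = b"constructed-demo-key-do-not-use"
SAMPLE_REPORT = {
    "target": "./my-skill",
    "verdict": "BLOCK",
    "findings": [{"rule": "SG-SHELL-001", "severity": "HIGH", "line": 5}],
}


def tamper_check():
    """Return (valid_before_edit, valid_after_edit): flipping the verdict after
    signing must invalidate the signature."""
    signed = sign_report(SAMPLE_REPORT, SAMPLE_KEY)
    ok_before = verify_report(signed, SAMPLE_KEY)
    edited = json.loads(json.dumps(signed))   # deep copy via round trip
    edited["verdict"] = "ALLOW"
    return ok_before, verify_report(edited, SAMPLE_KEY)


if __name__ == "__main__":
    print(json.dumps(sign_report(SAMPLE_REPORT, SAMPLE_KEY), indent=2))
    print("valid before / after tamper:", tamper_check())
```

Canonicalization matters as much as the MAC: if the signer and verifier serialize with different key order or whitespace, a legitimate report fails to verify, so both sides must use the same deterministic encoding. A shared-secret HMAC suits a single team; for third-party auditors an asymmetric signature lets verifiers check records without holding the signing key.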