Build for Guard

Build Agents That Pass Guard

Guard enforces agent identity, payload integrity, and freshness on every request. The CLI lets you rehearse those checks locally—so your agents pass in production, not just in dev.

Explore Guard Install CLI
Open Source
Apache 2.0
No Sign-up Required
Dev — CLI rehearsal
$ capiscio validate ./agent.json
Agent identity: signature valid
Integrity: schema compliant
Freshness: timestamps valid
Ready for Guard ✓
Production — Guard enforcement
from capiscio import SimpleGuard
SimpleGuard(app) # enforces on every request
Bad signature? Rejected.
Tampered payload? Rejected.
Replay attempt? Rejected.

Guard Is the Truth. CLI Is Rehearsal.

Guard enforces agent identity, payload integrity, and freshness on every production request. The CLI lets you test against those same rules in dev and CI—so nothing surprises you at runtime.

01. Dev

Rehearse with CLI

Run the same agent identity, integrity, and freshness checks Guard will run—before you commit. If CLI passes, Guard passes.

# Test against Guard rules
$ capiscio validate agent.json
# Verify signatures
$ capiscio validate --strict
02. CI

Gate Before Deploy

No agent reaches production unless it passes Guard's rules. CLI in CI is your last check before enforcement goes live.

# Block bad agents at merge
steps:
- name: Guard-ready check
run: capiscio validate --strict
03. Production

Guard Enforces

This is the real thing. Every request verified. Bad actors rejected. No exceptions. Drop-in middleware or standalone sidecar.

from capiscio import SimpleGuard
SimpleGuard(app) # that's it
# Now enforcing on every request
Explore Guard →

The Three Pillars We Check

CLI and Guard share the same validation semantics. Every check answers one of three questions.

1

Agent Identity

Which agent is calling? We verify the Ed25519 signature against the public key in the agent card. Not user login—agent-to-agent authenticity.

2

Integrity

Was the payload tampered with? We hash the request body and compare it to the signed digest. Any mismatch fails closed.

3

Freshness

Is this request current? Timestamps and nonces prevent replay attacks. Stale or reused requests are rejected.

agent-card.jsonValid A2A Card
{
  "version": "1.0.0",
  "metadata": {
    "name": "PaymentAgent",
    "description": "Handles secure transactions",
    "created_at": "2025-11-24T10:00:00Z"
  },
  "identity": {
    "did": "did:web:example.com:agents:payment",
    "public_key": "MCowBQYDK2VwAyEA..."
  },
  "capabilities": [
    {
      "type": "protocol.payment.v1",
      "endpoints": [
        {
          "url": "https://api.example.com/pay",
          "method": "POST"
        }
      ]
    }
  ],
  "signature": "eyJhbGciOiJFZERTQSJ9..."
}

Open Source. No Lock-In.

Guard and CLI are Apache 2.0 licensed. Run them on your infra, fork them, extend them. The enforcement layer for agent security shouldn't be a black box.

Explore GuardStar on GitHub
100%
Open Source
0
Tracking Pixels
Apache 2.0
License

Frequently Asked Questions

Everything you need to know