Evo Agent Guard - Experimental Preview
Agent Guard gives security teams real-time visibility into what coding agents are doing across every developer machine and the ability to detect and block dangerous actions before they cause harm.
Developers connecting coding agents to internal systems allow for customer records, PII, and sensitive data to pass through agent tool calls with no visibility into what leaves your organization.
Indirect prompt injection embeds malicious instructions in content that agents read — a customer ticket, a code comment, a web page. Your coding agent can be turned into an attacker without anyone knowing.
API keys, tokens, and passwords surface in agent outputs and get sent wherever those outputs go. By the time you find out, you're already rotating credentials and running an incident response.
Evo Agent Guard integrates directly into your coding agents and monitors every action they take.
Detect PII leakage in agent tool calls and outputs in real time.
Surface prompt injection attacks as they hijack agent behavior.
Catch credentials and secrets appearing in agent outputs before they leave your environment.
Detect prompt injections, secrets, PII, sensitive bash commands, workspace boundary, toxic flows, and more — active from day one.
Monitor agent activity and receive alerts when risk is detected.
Block violations in real time before actions are completed.
Track risk trends per category across your environment.
Evo Agent Guard gives you a continuous, browsable feed of agent activity across every machine so you can spot patterns, identify risks, and build a clear picture of what needs governing.
Filter activity by machine, client, session, or timeframe.
Detect unusual patterns before they become incidents.
Use insights to define policies and inform risk decisions.
Point-in-time tools check whether a prompt looks suspicious. Agent Guard understands the full session — correlating what data was entered, what the agent did, and what was left in your environment.
Catch real Toxic Flows and lethal trifecta issues.
Trace sensitive data through agent tool calls end-to-end.
Get a real-time view of what agents are doing across your environment.
Enforce guardrails automatically and maintain audit-ready visibility into agent behavior.
Replace reactive detection with real-time prevention.
Block unsafe commands, data exfiltration, and toxic execution paths automatically.
Give developers the freedom to use coding agents while runtime guardrails enforce security automatically.
Windsurf, Codex, Copilot, Gemini, OpenCode, and more.