Anthril
Get the brief
← All projects
Developer toolApplied AI for Businesses

VGuard

Runtime policy enforcement for Claude Code and CI pipelines. Block unsafe agent mutations before they reach production — not after. Signed policy bundles for org-wide governance.

What it does

Relationship

VGuard sits in front of Claude Code workflows and CI pipelines. It is independent of Anthropic — the runtime hooks and policy engine are separate from the assistant. VGuard enforces; Claude executes.

Features

What it does.

01

Runtime hooks for Claude Code

Intercepts agent tool calls before they execute. Policy is evaluated in-process — no round-trip to a cloud service required for enforcement.

02

CI gate

Drop VGuard into any CI pipeline as a PR check. Block merges that include agent-generated changes violating your policy bundle — with inline PR comment annotations.

03

Signed policy bundles

Policies are signed and version-controlled. Teams share org-wide bundles; individual repos extend them. The trust model is explicit and auditable.

04

Baseline mode

Capture existing violations as a baseline on day one. Fail only on new violations — so teams can adopt VGuard incrementally without blocking existing work.

05

Structured violation events

Every violation emits a structured event with the violated rule, the agent action, the file path, and suggested remediation. Pipeable to Cloudflare logs, S3, or any analytics pipeline.

06

Multiple output formats

Human-readable, JSON, NDJSON, and GitHub Actions annotation formats. The same violation data works for terminal review, log pipelines, and PR comment bots.

Get started

Get started.

Install the CLI, run vguard init to scan your repo, and connect a cloud policy bundle for org-wide governance.

View on GitHubGet in touch

VGuard is the coding agent firewall. It blocks unsafe agent actions before they mutate your codebase — at the tool-call level, before the change reaches your repo, not after.

Most teams governing coding agents today rely on code review. That works until an agent produces 47 changes across 12 files and a reviewer approves it in thirty seconds because the diff looks plausible. VGuard enforces your policy before the mutation happens — not as a style guide, but as a runtime constraint.

What it is not

  • Not a content moderation tool
  • Not an LLM-judge scoring output quality after the fact
  • Not a replacement for code review
  • Not a vendor-locked firewall tied to one AI provider

Status

Week 1–6 foundation phase. The monorepo, CLI trust model, cloud policy sync, analytics ingestion, and policy bundle foundation are in place. The initial rule set is small (3 rules, 2 presets) and expanding. Early access is open for teams using Claude Code in production.