The firewall of the agent era

Security for agents before they act.

Anubis runs background checks on AI agents, validates their behavior, controls their access, tracks runtime actions, and keeps audit evidence when trust changes.

anubis / background-check / finance-reconciler (production guarded)

finance-reconciler

source: github.com/acme/agents · provider: anthropic · runtime: langgraph · owner: controlling.ops
policy v12 · status: review required · risk score: 62 · actions available: revoke

Source verified. Permissions need review.

Anubis checked the repository, package signatures, model provider, runtime, MCP tools, data classes, owner, and requested scopes before allowing production access.

Tags: source verified · owner mapped · over-scoped tool

Source: repository signed, dependency scan clean, package hash matched (passed)
Tools: NetSuite write scope exceeds declared reconciliation task (review)
Data: EU residency met, no model training retention (passed)

Validation suite

prompt injection
PII exfiltration
tool misuse
policy bypass
over-permissioning

Decision

The agent passed source checks but failed over-permissioning. Replace standing write access with a short-lived approval token.

Tags: blocked · change owner notified · evidence saved

snowflake.query: vendor balance lookup with short-lived token (allowed)
netsuite.write: attempted invoice update outside approved scope (review)
gmail.send: external message requested, undeclared capability (blocked)
audit.record: evidence attached to deployment review (stored)

Evidence: source check, validation results, tool calls, approvals, policy diffs (complete)
Export: SOC 2, ISO 27001, model risk review, vendor risk packet (ready)
Finding: standing write access conflicts with least-privilege policy (open)

The complete loop

Background check, then guardrail.

Anubis starts before deployment and stays active after approval: verify the source, validate behavior, approve access, enforce runtime policy, audit actions, and revoke trust when risk changes.

Agent firewall lifecycle, continuous trust: source, validate, approve, enforce, audit, revoke.

Source check

Verify repository, package signature, dependency risk, model provider, runtime, owner, declared tools, and data boundaries.

The next perimeter is not a network. It is an agent with credentials.

Anubis is built for teams connecting agents to CRMs, inboxes, documents, databases, and internal workflows. The goal is not to slow AI down. The goal is to make agent access reviewable, reversible, and safe enough to operate.

Agent passport

No manifest, no access.

Every agent gets a passport: source, owner, model, tools, data classes, safety results, approved scopes, runtime controls, and audit requirements.

agent.passport.json (signed · checked · enforceable)
{
  "agent": "finance-reconciler",
  "source": "github.com/acme/agents",
  "owner": "controlling.ops@acme",
  "purpose": "invoice reconciliation",
  "tools": ["snowflake.read", "netsuite.write"],
  "background_check": true,
  "safety_validation": "review_required",
  "standing_access": false
}
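To make the passport concrete, here is an added example of how a manifest like the one above can drive per-call allow / review / block decisions of the kind shown in the background-check walkthrough. This is illustration code written for this page, not Anubis's own implementation: the tool-call format, the operation-to-scope map, the approval-token fields and the rule that writes need a live token when standing_access is false are all assumptions made for the example.

```python
"""Passport-driven tool-call gate (added example, not Anubis code).

Reads an agent passport and decides, per tool call, whether the call is
allowed, needs human review, or is blocked, then emits one audit line.
"""
import json
import time
from dataclasses import dataclass
from typing import Optional

# The passport shown on the page, embedded so the example runs offline.
PASSPORT = json.loads("""{
  "agent": "finance-reconciler",
  "source": "github.com/acme/agents",
  "owner": "controlling.ops@acme",
  "purpose": "invoice reconciliation",
  "tools": ["snowflake.read", "netsuite.write"],
  "background_check": true,
  "safety_validation": "review_required",
  "standing_access": false
}""")

# Assumption: a call names "<service>.<operation>"; each operation maps to the
# scope it needs, and passport scopes are spelled "<service>.<scope>".
OPERATION_SCOPE = {
    "query": "read", "read": "read", "lookup": "read",
    "write": "write", "update": "write", "create": "write",
    "send": "send",
}


@dataclass
class ToolCall:
    tool: str                              # e.g. "netsuite.write"
    detail: str                            # free text, kept for the audit line
    approval_token: Optional[dict] = None  # assumed shape: {"scope": str, "expires_at": epoch seconds}


@dataclass
class Decision:
    outcome: str  # "allowed" | "review" | "blocked"
    reason: str


def required_scope(tool: str) -> Optional[str]:
    """Return the "<service>.<scope>" a call needs, or None for an unknown operation."""
    service, _, operation = tool.rpartition(".")
    scope = OPERATION_SCOPE.get(operation)
    return f"{service}.{scope}" if service and scope else None


def token_covers(token: Optional[dict], scope: str, now: float) -> bool:
    """A short-lived approval token must name the exact scope and not be expired."""
    return (token is not None
            and token.get("scope") == scope
            and token.get("expires_at", 0) > now)


def decide(passport: dict, call: ToolCall, now: Optional[float] = None) -> Decision:
    now = time.time() if now is None else now
    if not passport.get("background_check"):
        return Decision("blocked", "agent has not passed a background check")
    scope = required_scope(call.tool)
    if scope is None or scope not in passport["tools"]:
        return Decision("blocked", f"{call.tool}: undeclared capability")
    if scope.endswith(".read"):
        return Decision("allowed", f"{call.tool}: read within declared scope")
    # Write-class scopes: with standing access off, each call needs a live approval token.
    if passport.get("standing_access"):
        return Decision("allowed", f"{call.tool}: standing access granted")
    if token_covers(call.approval_token, scope, now):
        return Decision("allowed", f"{call.tool}: covered by short-lived approval token")
    return Decision("review", f"{call.tool}: write outside approved scope, approval required")


def audit_line(passport: dict, call: ToolCall, decision: Decision) -> str:
    """One JSON line per call, so the decision trail can be attached to a deployment review."""
    return json.dumps({"agent": passport["agent"], "tool": call.tool, "detail": call.detail,
                       "decision": decision.outcome, "reason": decision.reason}, sort_keys=True)


if __name__ == "__main__":
    # Constructed calls mirroring the three shown in the walkthrough above.
    calls = [
        ToolCall("snowflake.query", "vendor balance lookup"),
        ToolCall("netsuite.write", "invoice update"),
        ToolCall("gmail.send", "external message"),
    ]
    for c in calls:
        print(audit_line(PASSPORT, c, decide(PASSPORT, c)))
```

Run as a script it prints one audit line per call: the Snowflake read is allowed, the NetSuite write without a token goes to review, and the undeclared Gmail send is blocked. Attaching a token of the form {"scope": "netsuite.write", "expires_at": ...} that has not yet expired turns the write into an allowed call, which is the short-lived-approval pattern the decision section recommends in place of standing write access.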

Private design partner access

Put one agent through the firewall.

Start with a real agent that already touches tools, data, or workflows. Anubis will help you verify its source, test its behavior, approve its access, and preserve the audit trail.
