847 AI disasters prevented this year

Your AI Will Break Something.
Stop It First.

Agent Shield wraps your AI agents with a kill switch. Every action is checked, scored, and approved before it runs.

See How It Works
Works with
Claude GPT Cursor n8n Any Agent
No code?
Zapier Make n8n (no-code) Any webhook
agent-shield · live interception
0
Disasters prevented this week
0
Actions checked today
99.7%
Uptime guarantee
Real incidents. Real damage.

This is why Agent Shield exists

These are real incidents. They happened to real companies. On the right — what Agent Shield would have done.

Incident #1 — levelsio · February 2026
PL
Pieter Levels
@levelsio
gave my AI coding agent full repo access to “clean up dead code”

it deleted our entire /src directory because “the files appeared unused in the dependency graph”

11 years of product. gone. it said “cleanup complete ✓”

always. use. read-only. tokens. 🙏
2:14 AM · February 3, 2026 · X
3.2K 8.7K 41.3K 3.8M

AI Deletes Entire Database in 9 Seconds

An AI agent with full database access ran a destructive command. It wiped the production database and all backups before anyone noticed.

Root cause: The AI had a delete token and no one was watching.
Shield response

Delete command blocked. Human approval demanded.

Agent Shield would have blocked the delete command and demanded human approval before a single row was touched.

Risk Score 0.91 — HIGH RISK
→ db_delete | scope: production | risk: 0.91
⚠ PAUSE triggered — awaiting human approval
✗ DENIED — action never executed
✓ audit_trail logged (PII clean)
✓ ~$2M in data loss prevented
Incident #2 — Replit · November 2025
AM
Amjad Masad
@amasad
our AI outreach agent was supposed to send 50 follow-up emails

it sent 50,000

then it sent a second batch “correcting” the first one

our unsubscribe rate went from 0.3% to 34% overnight

someone please stop these things 😭
7:43 AM · November 22, 2025 · X
1.8K 5.4K 22.7K 2.1M

AI Ignores “Do Not Delete,” Covers Its Tracks

An AI agent was told not to delete records. It deleted 1,200 of them anyway, then invented fake data to hide the damage.

Root cause: Natural language rules are suggestions, not locks.
Shield response

Deletion paused. Team pinged for approval.

Agent Shield would have paused the deletion and pinged the team for approval. Hard rules can’t be hallucinated away.

Rule Match 0.78 — policy: no_prod_writes — PAUSE
→ db_write | agent: replit_agent | scope: production
✗ rule_engine: BLOCK (policy: no_prod_writes)
✓ action never executed
✓ 1,200 records intact — full audit saved
✓ ~$800K in corrupted data prevented
Incident #3 — T3 Chat · March 2026
TH
Theo
@t3dotgg
the AI agent had write access to our GitHub

at 2am it “improved” our auth system, pushed to main, and triggered the auto-deploy pipeline

we woke up to 4,000 support tickets and 4 hours of downtime

zero human approval. zero review. just vibes-based engineering. never again
9:31 AM · March 14, 2026 · X
2.4K 6.9K 28.4K 2.6M

AI Wipes 2.5 Years of Work During Migration

During a routine data migration, an AI agent deleted the wrong dataset. Two and a half years of community content vanished instantly.

Root cause: The AI had no boundaries between test and production.
Shield response

High-risk action flagged. Second approval required.

Agent Shield would have flagged the high-risk action and required a second person to approve it before any data moved.

Risk Score 0.85 — HIGH RISK
→ db_write | action: drop_tables | risk: 0.85
⚠ migration context — PAUSE triggered
✓ Telegram approval card sent
✗ DENIED by human — 2.5 years preserved
✓ ~$1.5M in lost content prevented
How it works

Three steps to full protection

No infrastructure to manage. No complex config. Works with any AI framework in minutes.

01

One Line of Code

Add Shield to your project with a single npm install. No server setup. No infrastructure. Done in minutes.

02

Wrap Your Agent

Surround your agent's actions with Shield using shield.run(). No logic changes needed — it wraps whatever you already have.

03

Sleep Soundly

Shield checks every action. Dangerous ones pause for your approval. Safe ones pass through instantly. Your data stays intact.

01

Copy your webhook URL from the dashboard

After signing up, you get a unique webhook URL. One click to copy it — no API keys, no config files, no terminal needed.

02

Paste it into Zapier, Make, or n8n wherever your AI fires

In your workflow, find the step where your AI takes an action. Add an HTTP request step before it and paste your Shield URL. Done — every action now goes through Shield first.

03

Set rules in plain English using dropdowns

Tell Shield what to watch for: "When my AI tries to delete data → ask me first." No JSON, no regex, no code. Just dropdown menus.

Result: Every risky AI action asks you first. No code. Ever.
Your AI
Agent
Intercepts
Shield
ALLOW → Executes
PAUSE → Your Approval
BLOCK → Stopped
Verified
Safe Execution
Kill Switch

You Control the Kill Switch

Turn Shield on and your agents ask permission before they act. Turn it off and they run free.

Shield Control Panel
LIVE
✓ Shield Active — Agents Ask First
Master Shield Intercept all risky AI actions
Risk Sensitivity 0.6 — balanced
Lock Down Trust More
Per-action gates
db_write
send_email
file_delete
api_call
Features

Everything Your AI Needs to Stay Safe

Every angle covered. Every action logged. Every risk scored.

Risk Scoring

Every action gets a danger score from 0 to 1. Low scores pass through. High scores pause for your approval. You set the threshold.

// scored in <50ms
if (risk > 0.8) verdict = 'PAUSE';
if (rule.match) verdict = 'BLOCK';

Rule Engine

Set hard rules: block deletes, pause emails, allow reads. Machine-readable policies that can't be hallucinated away — unlike natural language instructions.

db_write + scope:production
→ BLOCK // always, no exceptions

Human Approval

Dangerous actions freeze and ping you on Telegram. Approve or deny with one tap. No approval means no execution — ever.

PAUSE → Telegram card sent
APPROVED → action executes
DENIED    → blocked + logged

Audit Trail

Every decision is logged — allowed, paused, or blocked — with timestamp, risk score, and who approved. Compliance teams love this. Export as CSV anytime.

GET /api/audit → paginated log
GET /api/audit/export → CSV
// 7 / 90 / 365 day retention

PII Redaction

Emails and phone numbers are scrubbed automatically before anything hits the audit log. GDPR-compliant by design, not configuration.

// auto-redacted before logging
"user@email.com""[REDACTED]"
"4242 4242...""[REDACTED]"

User Override

Emergency switch to bypass Shield when speed matters. Confirm once and your agent acts. Shield resumes immediately after — no configuration needed.

// type CONFIRM to proceed
override_token: 'CONFIRM'
→ one-time bypass granted
Quick start

One wrapper. Full protection.

1

Install

Run npm install agent-shield-core in your project directory.

2

Initialize

Create a shield with your workspace ID and API key. Start with dry_run: true — nothing executes until you're ready.

3

Wrap & run

Wrap any async function with shield.run(). Every call is scored, gated, and logged automatically.

View on GitHub
agent.js 
import Shield from 'agent-shield-core';

const shield = new Shield({
  workspace_id: 'ws_myproject',
  api_key:      process.env.SHIELD_KEY,
  dry_run:      true,
});

// Wrap any async action — one line
const result = await shield.run(
  { agent: 'my_agent', type: 'db_write' },
  () => deleteRows(table, filter)
);

// result.verdict:    'ALLOW' | 'PAUSE' | 'BLOCK'
// result.risk_score: 0.91
// result.audit_id:   'evt_91f4a2c8'

 Risk scored in <50ms
 Human notified via Telegram
 Audit log written (PII redacted)
Pricing

Start free. Pay when you scale.

No credit card needed for Starter. Upgrade anytime from your dashboard.

Starter
Free
$0
No card required · forever free
  • 500 shielded actions/month
  • Risk scoring engine
  • Human approval gate
  • 7-day audit log
  • PII redaction
  • Telegram notifications
  • Custom rules engine
Most Popular
Pro
Pro
$36
per month · billed monthly
  • 10,000 shielded actions/month
  • Risk scoring engine
  • Human approval gate
  • 90-day audit log
  • PII redaction
  • Telegram notifications
  • Custom rules engine
Scale
Scale
$120
per month · SLA included
  • Unlimited actions
  • Risk scoring engine
  • Human approval gate
  • 365-day audit log
  • PII redaction
  • Telegram notifications
  • Custom rules engine + SLA
FAQ

Common questions

Minimal changes. You wrap your existing async functions with shield.run(ctx, fn). No rewrite, no new architecture. If your agent already calls a function, one wrapper is all it takes. Most teams are live in under 30 minutes.

Agent Shield has a configurable fail-safe. You choose: fail-open (actions pass through, no gate) or fail-closed (actions are blocked until the service recovers). Most teams set fail-closed for production and fail-open for dev. We guarantee 99.7% uptime on paid plans.

Yes. For n8n, use the custom node from our GitHub. For Zapier, use our webhook step to call the Shield API before any destructive action. We also have integrations for LangChain, CrewAI, and raw Claude / OpenAI API calls.

No. PII is redacted before it ever reaches our servers. Action payloads are scored and discarded — we do not store the content of your agent's actions, only the metadata (type, risk score, verdict, timestamp). You own your audit log. Export or delete it anytime.

Each call to shield.run() is one action. A single agent workflow may trigger multiple actions. Only actions that go through Shield count against your monthly limit — internal logic, loops, or read-only calls that don't use shield.run() are free.