v1.4.2 released — 16 AI platform support, 101 ATR rules, OWASP Agentic Top 10 full coverage, 90,000+ skills scanned. See changelog.
Panguard AI is the first open-source security platform built for the AI agent era. As AI agents gain root-level access to production systems, Panguard provides the detection rules, enforcement engine, and collective intelligence network to keep them in check. One command. Full protection. No account required.
curl -fsSL https://get.panguard.ai | bash

By the Numbers

  • 101 detection rules: ATR (101) + community
  • 16 AI platforms: Claude Code, Claude Desktop, Cursor, OpenClaw, Codex, WorkBuddy, NemoClaw, ArkClaw, Windsurf, QClaw, Cline, VS Code Copilot, Zed, Gemini CLI, Continue, Roo Code
  • OWASP 10/10: Full coverage of the OWASP Top 10 for Agentic Applications 2026
  • 3-layer AI pipeline: Rules engine, local AI (Ollama), cloud AI (Claude/OpenAI)
  • 11 MCP tools: Scan, audit, guard, threat search, and more
  • 8-check Skill Auditor: Gates every AI skill before install
  • 0 accounts required: No login, no signup, no API key needed to start

OWASP Agentic Top 10: Full Coverage

ATR rules map to every category of the OWASP Top 10 for Agentic Applications 2026:
| OWASP Category | ATR Rules | Coverage |
| --- | --- | --- |
| ASI01: Agent Goal Hijack | 13 rules | STRONG |
| ASI02: Tool Misuse & Exploitation | 11 rules | STRONG |
| ASI03: Identity & Privilege Abuse | 9 rules | STRONG |
| ASI04: Agentic Supply Chain | 8 rules | STRONG |
| ASI05: Unexpected Code Execution | 8 rules | STRONG |
| ASI06: Memory & Context Poisoning | 8 rules | STRONG |
| ASI07: Inter-Agent Communication | 5 rules | MODERATE |
| ASI08: Cascading Failures | 4 rules | MODERATE |
| ASI09: Human-Agent Trust | 5 rules | MODERATE |
| ASI10: Rogue Agents | 7 rules | MODERATE |
Full mapping: OWASP-MAPPING.md on GitHub

Three Pillars

ATR -- The Standard

101 rules across 9 threat categories. The first open standard for AI agent threats — prompt injection, tool poisoning, skill compromise, agent manipulation. YAML-based, human-readable, machine-enforceable. OWASP Agentic Top 10: 10/10 covered.

Threat Cloud -- The Network

Collective immunity. Every install contributes anonymized threat signals. The pipeline auto-generates rules from real-world attacks. 11 intel sources. Synced every hour.

Guard -- The Engine

4-agent AI pipeline. Detect, Analyze, Respond, Report. Processes OS-level events through 101 ATR rules. Built-in Skill Auditor. Auto-response blocks IPs, kills processes, quarantines files.

Quick Start

Install, scan, and protect in 4 commands:
curl -fsSL https://get.panguard.ai | bash
panguard setup
panguard scan --quick
panguard guard start --dashboard
The panguard setup command auto-detects all 16 AI platforms on your machine and injects the correct MCP or native Skill configuration for each. The panguard guard start --dashboard command starts 24/7 protection and opens a local dashboard in your browser at http://127.0.0.1:9100.

Step-by-step Quick Start

Detailed walkthrough with expected output for each step.

Installation Guide

Platform-specific instructions for macOS, Linux, and Windows.

Platform-Specific Setup

curl -fsSL https://get.panguard.ai | bash && panguard setup
Auto-detects and configures all 16 supported AI platforms in one command: Claude Code, Claude Desktop, Cursor, OpenClaw, Codex, WorkBuddy, NemoClaw, ArkClaw, Windsurf, QClaw, Cline, VS Code Copilot, Zed, Gemini CLI, Continue, Roo Code.
For manual configuration and troubleshooting, see the platform setup guide.

Who is Panguard AI for?

Developers

Secure your servers, VPS, and dev machines with zero configuration. One command, then back to work.

Small Businesses

Compliance-ready security without a dedicated team. Auto-generate ISO 27001, SOC 2, and Taiwan TCSA audit reports.

MSPs

Monitor and protect endpoints with real-time Guard protection.

Why Panguard AI?

Traditional security tools cost six figures and require dedicated teams. Free tools exist but are unusable without security engineers. Panguard takes a different approach:
  • One command install — no config files, no tuning, no jargon
  • Plain language alerts — Telegram, Slack, Email, LINE in your preferred language
  • AI auto-triage — the system judges severity, responds, and reports autonomously
  • Gets smarter over time — behavioral baselines adapt to your environment
  • Skill Auditor — gates every AI skill before install, prevents supply chain attacks
  • 100% free — MIT licensed, no paid tiers, no feature gates, no paywalls

Research Paper

ATR is backed by a peer-reviewed research paper documenting the methodology, detection architecture, and evaluation results.
Agent Threat Rules: A Community-Driven Detection Standard for AI Agent Security. Published on Zenodo (DOI: 10.5281/zenodo.19178002). Under review at arXiv and SSRN.
The paper covers: threat taxonomy, detection architecture (regex + LLM crystallization), PINT MCP benchmark evaluation (62.7% recall, 99.7% precision), SKILL.md benchmark (96.9% recall, 100% precision), and 64 documented evasion techniques.

100% Open Source

Every feature is free. Full source code. Zero black boxes. Every line is auditable.

Panguard AI on GitHub

Star the repo, browse source, report issues, or contribute.

ATR Rules on GitHub

The open standard for AI agent threat detection. Contribute rules to strengthen collective immunity.

Explore

Product Overview

Deep dive into the three pillars: ATR, Threat Cloud, and Guard.

CLI Reference

Complete command reference for every Panguard CLI tool.

API Reference

REST API docs for Threat Cloud.

Concepts

Understand the three-layer AI architecture powering Panguard.