Skip to main content

Install + Protect in One Command

bash curl -fsSL https://get.panguard.ai | bash
This does everything: installs Panguard, connects your AI agents (all 16 supported platforms including Claude Code, Cursor, OpenClaw, Windsurf, Zed, and more), and scans all installed skills. Then start protection: 
pga up
This starts Guard + opens the dashboard. Two characters, fully protected.

Scan Your AI Skills

Once installed, audit any MCP skill before installing: 
pga audit skill ./my-skill

Risk Score: 8/100 (LOW)
[PASS] Manifest: valid SKILL.md
[PASS] Prompt Safety: no injection patterns
[PASS] Secrets: none found
[PASS] Code: no suspicious patterns

VERDICT: SAFE TO INSTALL
For a full scan of all installed skills across all platforms: 
pga scan
This checks all installed skills against 71 ATR rules covering all 10 OWASP Agentic Top 10 categories — prompt injection, tool poisoning, credential theft, and more.
CRITICAL and HIGH findings need your attention. Review each finding and decide whether to keep, update, or remove the flagged skill.

Check Guard Status

pga status

Status:     RUNNING
Mode:       learning (Day 1/7)
Rules:      71 ATR detection rules (OWASP 10/10)
Dashboard:  http://127.0.0.1:3743
Learning mode (Days 1-7): Guard watches your normal behavior and builds a baseline. No false positives. After Day 7, anomaly detection kicks in automatically.

How the Flywheel Works

When you run Panguard, your machine joins a collective defense network:
  1. Guard detects a threat on your machine.
  2. An anonymous hash is shared with Threat Cloud (no personal data, no source code).
  3. 3 independent scanners confirm the pattern — a new ATR rule is auto-generated.
  4. All Panguard users get the new rule within 1 hour.
One machine gets attacked. One hour later, every machine is immune.

Common Commands

CommandWhat it does
pgaOpen interactive menu
pga upStart protection + dashboard
pga setupAuto-detect and connect AI platforms
pga scanScan all installed skills
pga audit skill <path>Audit a single skill before installing
pga statusCheck protection status
pga guard stopStop the Guard daemon
pga is a shortcut for panguard. Every command works with both names.

What’s Next

Understand Your Score

What your A-F grade means and how to improve it.

Set Up Notifications

Get alerts via Telegram, Slack, or Email when threats are detected.

Platform Integration

Manual setup for OpenClaw, NemoClaw, ArkClaw, and other platforms.

CLI Reference

Full reference for every command and flag.