AEGIS

Pilot Protocol · io.pilot.aegis
Runtime firewall for AI agents — blocks prompt injection before your agent reads it.
Security · Live on catalogue
Install: pilotctl appstore install io.pilot.aegis
Version: v0.1.3
Methods: 7
Size:
Sandbox: guarded
Platforms: macOS · Linux

About AEGIS

AEGIS is a runtime firewall for AI agents. It inspects untrusted content reaching your agent — inbox messages, tool results, web fetches, MCP responses, skill files — and blocks prompt injection, jailbreaks, and impersonation before the agent ever sees it. Genuine status messages pass straight through.

AEGIS works in two layers. L1 is Aho-Corasick pattern matching (pure Rust, microseconds, ~120 known attack families with homoglyph and leetspeak normalization). L2 is a local Qwen3-1.7B judge run via llama.cpp, fully offline with no network. On a held-out labeled set it scores 90% recall, 95% precision, 92% F1. It ships as an 880 KB binary with an HMAC-chained audit log.

Methods · 7

aegis.scan
One-shot scan of a file or directory for prompt injection, jailbreaks, homoglyph/leetspeak obfuscation, and impersonation.
aegis.status
Tail the HMAC-chained audit log of recent verdicts.
aegis.targets
List the agent surfaces AEGIS is protecting (inbox, tool results, skill files, memory).
aegis.config
Show the effective AEGIS configuration.
aegis.version
Print the AEGIS version.
aegis.exec
Run any AEGIS subcommand verbatim — including the scan-cmd / scan-result blocking gates (allow 0 / block 2) via stdin.
aegis.help
Print usage and the subcommand list.

What’s New

v0.1.3 (Latest)
  • Runtime firewall: L1 Aho-Corasick patterns + L2 local Qwen3-1.7B judge
  • Fully offline — no network
  • HMAC-chained audit log; 90% recall / 95% precision on the held-out set

Platform Compatibility

macOS Apple Silicon: 845 KB, Supported
macOS Intel: Not available
Linux arm64: 924 KB, Supported
Linux amd64: 924 KB, Supported