AEGIS
Pilot Protocol · io.pilot.aegis
Runtime firewall for AI agents — blocks prompt injection before your agent reads it.
Security · Live on catalogue
pilotctl appstore install io.pilot.aegis
Version: v0.1.3
Methods: 7
Size: —
Sandbox: guarded
Platforms: macOS · Linux
About AEGIS
AEGIS is a runtime firewall for AI agents. It inspects untrusted content reaching your agent — inbox messages, tool results, web fetches, MCP responses, skill files — and blocks prompt injection, jailbreaks, and impersonation before the agent ever sees it. Genuine status messages pass straight through.
AEGIS has two layers. L1 is Aho-Corasick pattern matching (pure Rust, microseconds, ~120 known attack families with homoglyph and leetspeak normalization). L2 is a local Qwen3-1.7B judge run via llama.cpp, fully offline with no network access. On a held-out labeled set it scores 90% recall, 95% precision, 92% F1. It ships as an 880 KB binary with an HMAC-chained audit log.
Methods · 7
- aegis.scan: One-shot scan of a file or directory for prompt injection, jailbreaks, homoglyph/leetspeak obfuscation, and impersonation.
- aegis.status: Tail the HMAC-chained audit log of recent verdicts.
- aegis.targets: List the agent surfaces AEGIS is protecting (inbox, tool results, skill files, memory).
- aegis.config: Show the effective AEGIS configuration.
- aegis.version: Print the AEGIS version.
- aegis.exec: Run any AEGIS subcommand verbatim, including the scan-cmd / scan-result blocking gates (allow 0 / block 2) via stdin.
- aegis.help: Print usage and the subcommand list.
What’s New
v0.1.3 Latest
- Runtime firewall: L1 Aho-Corasick patterns + L2 local Qwen3-1.7B judge
- Fully offline — no network
- HMAC-chained audit log; 90% recall / 95% precision on the held-out set
Platform Compatibility
- macOS Apple Silicon: 845 KB, Supported
- macOS Intel: Not available
- Linux arm64: 924 KB, Supported
- Linux amd64: 924 KB, Supported