Demo / compliance boundary for production agents

Stop unsafe AI actions before users see them.

Catch leaked data, bad replies, and risky tool calls in production. Use the SDK or proxy to return allow, rewrite, block, or escalate with a trace.

  • Source: Agent app. Drafts, tool calls, workflow actions.
  • Path A: SDK. Inline guard() in your agent loop.
  • Path B: Proxy server. Policy boundary in front of agent traffic.
  • TrustLoopGuard: Runtime decision layer. Verdicts: allow, rewrite, block, escalate.
  • POST /v1/events: Return a verdict, safe rewrite, reason, and trace ID before delivery.
  • Trace: tr_7f3a, policy=support/private-data
  • Decision: rewrite. Remove private customer fields.
  • App action: send safe response. Your product still owns delivery.

Quick install (TypeScript)
$ npm install @trustloopguard/sdk

01. The problem

Agents are starting to take real actions.

They send emails, call tools, query private data, trigger workflows, and speak directly to customers. A prompt filter is not enough once the agent is deciding what to do next.

  • Unsafe output can reach users before a review happens.
  • Teams cannot explain why a response or tool call was allowed.
  • Policies drift across prototypes, SDKs, and production services.

02. Runtime loop

Add one check before your agent acts.

Step 01: Agent proposes an action

Your app or proxy layer captures the prompt, proposed output, and policy context before delivery.

Step 02: TrustLoopGuard checks it

The Rust API evaluates policy and runtime checks against the proposal.

Step 03: Your app handles the verdict

Continue, use the rewrite, block with a reason, or escalate with context attached. You still own delivery.

Step 04: Every decision is traced

The dashboard can show what happened, which policy fired, and how the app responded.

03. Verdicts

Four outcomes your app can handle.

  • allow: Safe to continue. Return the response unchanged.
  • rewrite: Patch the unsafe parts. Mask secrets, remove private data, or return a safer answer.
  • block: Stop the action. Refuse with a reason your app can show or log.
  • escalate: Route to a human. Attach the prompt, proposal, policy, and trace ID.
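
How an app might handle the four verdicts, as an added example that is not TrustLoopGuard's own code: the decision field names and the refusal text are assumptions. It shows the fail-closed choices: a missing or unrecognised verdict, or a rewrite verdict with no rewrite text, never delivers the original draft.

```javascript
// Added example. Field names (verdict, rewrite, reason, policy, traceId)
// are assumptions, not the TrustLoopGuard SDK's documented response shape.
const REFUSAL = 'Sorry, I cannot help with that request.'; // constructed text

function applyVerdict(decision, prompt, draft) {
  const d = decision || {};
  const traceId = d.traceId || null;
  // Held result: nothing from the draft is delivered; the user sees REFUSAL.
  const held = (reason, escalation = null) =>
    ({ deliver: REFUSAL, usedDraft: false, reason, escalation, traceId });

  switch (d.verdict) {
    case 'allow':
      return { deliver: draft, usedDraft: true, reason: null,
               escalation: null, traceId };
    case 'rewrite':
      // A rewrite verdict without usable text must not fall back to the draft.
      if (typeof d.rewrite !== 'string' || d.rewrite.trim() === '') {
        return held('rewrite verdict without rewrite text');
      }
      return { deliver: d.rewrite, usedDraft: false, reason: d.reason || null,
               escalation: null, traceId };
    case 'block':
      return held(d.reason || 'blocked by policy');
    case 'escalate':
      // Hand the reviewer the prompt, proposal, policy, and trace ID.
      return held(d.reason || 'escalated for review',
                  { prompt, draft, policy: d.policy || null, traceId });
    default:
      // Missing decision (guard error, timeout) or unknown verdict: fail closed.
      return held(`no usable verdict: ${String(d.verdict)}`);
  }
}

// Constructed decision mirroring the trace shown on this page.
const sample = { verdict: 'rewrite', rewrite: 'Your order has shipped.',
                 reason: 'Remove private customer fields',
                 policy: 'support/private-data', traceId: 'tr_7f3a' };
console.log(applyVerdict(sample, 'Where is my order?', 'Shipped to 12 Elm St.'));
```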

04. SDK quickstart

Use the SDK inside your agent loop.

One guard call submits a GuardEvent and returns a decision before the action reaches a user.

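Check boundary: Your agent loop
SDKs: TypeScript, Python, Rust

import { guard } from '@trustloopguard/sdk';

// Bind the guard to one agent identity.
const guardrail = guard({ agentId: 'support-agent' });

// Run the check before the draft reaches a user. The wrapper function and
// its string parameter types are assumed; the page shows only the call.
async function guardedReply(prompt: string, proposal: string) {
  const reply = await guardrail({
    input: prompt,
    draft: proposal,
  });

  return reply;
}

POST /v1/events - Decision ok 200 - traced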

05. Monitoring

Track failed policies before users are exposed.

See which actions were blocked, rewritten, or escalated, with a trace for why.

Blocked actions
Escalations
Policy failures

06. Use cases

Built for teams putting agents in production.

Customer-support agents

Prevent leaked account data, unsafe advice, and policy-breaking replies.

Internal copilots

Stop prompt injection, secret exposure, and unauthorized tool use.

Workflow agents

Escalate high-risk actions before they trigger irreversible changes.

Developer platforms

Give users guardrails without forcing every team to build its own runtime layer.

Ship the check

Add a policy check before your agent acts.

Start with the SDK, run the Rust service, and inspect decisions in the dashboard when your agent hits policy boundaries.