AgenShield monitors, controls, and secures AI agent activity on developer machines — enforcing organization policies on process execution, file access, network connections, skill installations, and MCP server configurations.

Getting Started

Sign up at portal.frontegg.com and access the AgenShield workspace
Create a campaign in the workspace to get an install URL
Run the install command on each endpoint:

curl -fsSL '<YOUR_INSTALL_URL>' | bash

The install URL is generated per campaign and includes your enrollment token. It downloads the signed agent, registers the device with your organization, and starts the daemon — all in one step.

Manual install

If you already have the cloud URL and enrollment token:

npx agenshield install --cloud-url <CLOUD_URL> --token <TOKEN>
agenshield start

What It Does

Policy Enforcement — Block or allow process execution, file access, and network connections based on admin-defined policies
Skill Monitoring — Quarantine unapproved AI agent skills, verify integrity via SHA-256 hashing, enforce approval workflows
Settings Management — Push managed configurations to AI agents (Claude Code, etc.) from the cloud
MCP Security — Monitor and control Model Context Protocol server connections
Endpoint Security Extension — macOS system extension (EndpointSecurity + NetworkExtension) for kernel-level enforcement
Telemetry & Alerts — Report policy violations, security events, and system metrics to AgenShield Cloud

Architecture

AgenShield runs as a local daemon with worker threads for off-main-thread processing:

Component	Purpose
`agenshield`	CLI for install, setup, start/stop, and management
`agenshield-daemon`	Background daemon — HTTP API, policy engine, cloud sync
`agenshield-broker`	Per-agent broker for sandboxed command execution
`AgenShield.app`	macOS menu bar app with system extension management

Platform Support

Platform	Architecture	Package
macOS	Apple Silicon (arm64)	`@agenshield/cli-darwin-arm64`
macOS	Intel (x64)	`@agenshield/cli-darwin-x64`
Linux	x86_64	`@agenshield/cli-linux-x64`

Commands

agenshield install    # Install and enroll with cloud
agenshield start      # Start the daemon
agenshield stop       # Stop the daemon
agenshield status     # Check daemon status
agenshield login      # Link your user account
agenshield doctor     # Diagnose issues

Cloud Integration

AgenShield endpoints connect to AgenShield Cloud for:

Centralized policy management and distribution
AI agent catalog with version tracking
Skill approval workflows
Security alerts and telemetry dashboards
User authentication via Frontegg SSO

Documentation

License

Apache-2.0 — see LICENSE for details.

A product of Frontegg LTD. Learn more at agen.co/shield.

FAQs

What is agenshield?

Is agenshield well maintained?

Package last updated on 02 Jun 2026

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

agenshield

AgenShield