Realtime governance for AI agents. Evidence your auditor accepts.

Three lines of TypeScript put every agent action behind realtime policy checks, human-in-the-loop review, and a tamper-evident audit trail that exports as GDPR, HIPAA, and EU AI Act reports.

$ npm install @auxdynamics/mastguard-agent-sdk

GDPRHIPAAEU AI ActSOXNIST AI RMFPIPEDAAIDA

Start for Free Book a Demo

No credit card required • Free tier: 50,000 events/mo • Setup in under 5 minutes

Trusted by engineering and compliance teams monitoring AI agents in production.

468 adversarial tests per RedScan8 regulator-ready frameworks14 MAST failure modes detected live

How it works

From unmonitored agent to regulator-ready evidence in four steps.

The same pipeline serves your developers and your compliance team: instrument once, and every downstream artifact is generated from the same verified record.

1Instrument

Wrap your AI client in one line

The AgentShield SDK wraps your existing client. Your call sites do not change, and blocked calls surface as a typed exception you handle like any other error.

Works with OpenAI, Anthropic, Azure OpenAI, and MCP servers

agent.ts

import { wrapOpenAI } from "@auxdynamics/mastguard-agent-sdk"
const openai = wrapOpenAI(new OpenAI())
// every completion is now a governed event

2Detect

Every call is monitored in realtime

Each action becomes a structured event classified against the MAST failure taxonomy from UC Berkeley research presented at NeurIPS 2025. Injection attempts, scope violations, and exfiltration patterns show up the moment they happen, not in next quarter's incident review.

3Enforce

Policy violations blocked before they cause harm

Your policies decide: allow, block, or route to a human. High-risk actions wait in a review queue until a named reviewer approves, rejects, or escalates. The decision, the reviewer, and the timestamp all land in the audit trail.

4Report

One-click evidence packages for any regulator

Pick a framework and a date range. MastGuard assembles a chain-verified audit export, a narrative PDF, and a manifest of every file hash into a single ZIP your compliance officer can hand to an auditor. Legally defensible, with up to 7-year immutable retention on Enterprise.

Why MastGuard

Detection tools alert you. MastGuard hands you the artifact that satisfies an auditor.

Evidence, not just alerts

Every agent action lands in an append-only, SHA-256 chained record that detects both tampering and deletion. The same record generates your reports, so the evidence and the monitoring can never drift apart.

A human in the loop, built in

Review queues with named reviewers and logged decisions directly satisfy EU AI Act Article 14 and GDPR Article 22. Your legal team gets a workflow, not a promise.

Canadian regulatory depth

PIPEDA and AIDA are first-class report sections, not a roadmap item. Built in Calgary for teams that answer to Canadian regulators as well as the EU and US.

What teams tell us

The value shows up the first time someone asks for proof.

“We turned a week of audit prep into a single PDF export. The reviewers stopped asking how we know what the agent did, because now we can show them.”

Compliance Officer, Fintech

“RedScan found a prompt injection path we had no idea was open. We fixed it before the agent went anywhere near production data.”

AI Engineering Lead

“Human-in-the-Loop let us put a clinician in front of the decisions that mattered without slowing down the ones that didn't.”

Head of Platform, Digital Health

Govern your agents from day one.

Start free with no credit card, or talk to us about HIPAA tiers, BAAs, and enterprise deployment.

Start for Free Contact Sales