luckyPipewrench

Firewall for AI agents. DLP scanning, SSRF protection, bidirectional MCP scanning, tool poisoning detection, and workspace integrity monitoring.

177
7
100% credibility
Found Feb 10, 2026 at 62 stars (3x since)
AI Analysis (language: Go)

AI Summary

Pipelock protects AI coding agents by scanning their web requests for leaks and injections while monitoring workspace changes.

How It Works

1. 📰 Hear about Pipelock: you discover Pipelock while reading about keeping AI helpers safe from sneaky tricks and leaks.
2. 📥 Get the protector: download the simple app that watches over your AI's internet trips.
3. 🔒 Pick your safety shield: choose easy mode to watch and learn, or strong mode to block dangers right away.
4. ▶️ Turn on the guardian: start the protector so your AI can only browse through its safe path.
5. 🔗 Link your AI buddy: tell your AI coding friend to use the protector for all web visits.
6. 🛡️ Work worry-free: run tasks, check your files stay untouched, and see logs of what happened.

Safe and sound: your AI helper creates code securely, with no secrets leaked or bad influences sneaking in.

AI-Generated Review

# Pipelock

Pipelock acts as a security harness for AI agents like Claude Code or OpenHands, proxying all outbound traffic through a single Go binary that blocks SSRF, scans for DLP leaks, rate-limits requests, and flags high-entropy payloads. It also inspects MCP responses and fetched content for prompt injection before they hit your agent, plus monitors workspace file integrity with SHA256 manifests.

Key Capabilities

- Egress Proxy: the agent gets network isolation with no direct internet access. The proxy handles fetches with domain allowlists, blocklists (pastebin.com, transfer.sh), and env var leak detection via regex plus entropy analysis.
- Response Scanning: strips or blocks "ignore previous instructions" jailbreaks in web content or MCP tool output.
- Git Protection: hooks scan diffs for secrets matching your DLP patterns and integrate with GitHub security scanning workflows.
- Integrity Checks: tracks file changes in agent workspaces and signs manifests with Ed25519 keys for multi-agent trust.
- Audit Modes: strict (air-gapped APIs only), balanced (monitored browsing), or audit (log-only). Prometheus metrics and JSON logs are included.
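As an added illustration of the integrity check described above (this is not Pipelock's own code; the "path sha256hex" manifest line format, the function names and the in-memory workspace are assumptions), a Go sketch that builds a SHA256 manifest, signs it with Ed25519, and refuses to diff against a baseline whose signature does not verify:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"sort"
	"strings"
)

// BuildManifest emits sorted "path sha256hex" lines so one tree always yields identical bytes to sign.
func BuildManifest(ws map[string][]byte) []byte {
	var lines []string
	for p, data := range ws {
		lines = append(lines, fmt.Sprintf("%s %x", p, sha256.Sum256(data)))
	}
	sort.Strings(lines)
	return []byte(strings.Join(lines, "\n") + "\n")
}

// Verify checks the Ed25519 signature with the trusted public key, then returns the paths
// whose current "path hash" line is absent from the signed baseline (added or modified).
// A bad signature is an error, not a diff: a baseline anyone could rewrite proves nothing.
func Verify(pub ed25519.PublicKey, manifest, sig []byte, ws map[string][]byte) ([]string, error) {
	if !ed25519.Verify(pub, manifest, sig) {
		return nil, fmt.Errorf("manifest signature invalid")
	}
	baseline := map[string]bool{}
	for _, l := range strings.Split(string(manifest), "\n") {
		baseline[l] = true
	}
	var changed []string // comes out sorted because BuildManifest sorts its lines
	for _, l := range strings.Split(string(BuildManifest(ws)), "\n") {
		if f := strings.Fields(l); len(f) == 2 && !baseline[l] {
			changed = append(changed, f[0])
		}
	}
	return changed, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	ws := map[string][]byte{"main.go": []byte("package main\n"), ".env": []byte("KEY=a\n")} // constructed sample files
	manifest := BuildManifest(ws) // baseline taken before the agent runs
	sig := ed25519.Sign(priv, manifest)
	ws[".env"] = []byte("KEY=b\n") // simulated edit after the baseline was signed
	fmt.Println(Verify(pub, manifest, sig, ws)) // [.env] <nil>
}
```

Extending the comparison to baseline lines that are missing from the current manifest would also catch deleted files, which this sketch does not report.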

Example configs ship for claude-code.yaml and cursor.yaml, and the tool generates Docker Compose files for isolated stacks. It ties into GitHub security alerts via pre-push hooks and project audits that score repos against the OWASP Agentic Top 10.

Traction Hooks

Stands out as a zero-dependency alternative to kernel sandboxes or Python scanners; deploy via go install or Docker. Covers ASI01-ASI10 gaps such as privilege escalation and output handling better than domain-only blockers. Low false positives in balanced mode; entropy thresholds can be tuned for code-heavy workflows.

Ideal Users

Devs running unattended AI agents with shell/API access. Security teams auditing GitHub security projects or Copilot outputs. Pairs with GitHub Actions security workflows for CI scans; think pipelock intel for agent fleets or pipelock evo in regulated setups.

Reality Check

43 stars and a 1.0% credibility score scream early alpha; test thoroughly. There is no kernel enforcement, so it relies on agent cooperation (e.g., the PIPELOCK_FETCH_URL env var). Docs are solid but blog-heavy; compare to agentsh or srt in their md files.

Verdict

Grab it if AI agents scare you: pipelock base + bracket locks down exfil and injections without npm/Python cruft. Run `pipelock audit .` first; it bumps your score from unprotected to production-ready. Solid for GitHub security repository hygiene, but let it mature before prod fleets.
