Compatibility covers Codex, Claude Code, Gemini CLI, Cursor, OpenCode, Hermes, and OpenClaw.
Runtime safety for AI coding agents
One safety layer for Codex, Claude Code, Gemini CLI, and the rest of your agent stack
Your agents already have native permissions. Guard adds portable runtime checks, local receipts, and shared trust history across Codex, Claude Code, Gemini CLI, Cursor, OpenCode, Hermes, and OpenClaw.
No account required for local protection. Create an account later when you want synced receipts, team policy, or shared history.
What Guard checks
A runtime safety layer shaped around this stack.
Native approvals stay in place while Guard adds cross-tool runtime checks.
Portable receipts create one local decision trail across the agent stack.
Local-first trust packet proof comes before cloud adoption.
Agent picker commands help each operator start with their current tool.
Rollout path
Built for how this stack is actually run.
Start with the operator’s real workflow, prove local control, then move to the smallest useful protected run.
Operator fit
Cross-tool agent users fighting permission fatigue
Codex, Claude Code, Gemini CLI, Cursor, and adjacent users already understand permissions. Guard focuses on portability instead of basic agent education.
Local proof
Compare native approvals with reusable local receipts
The generic page validates native controls while showing what Guard adds: one runtime review trail across tools, MCP surfaces, and machines.
First run
Choose the current agent, copy the command, then view receipts
The first step is not signup. It is picking the tool already in use and creating proof that the safety layer fits the existing workflow.
Install path
Activation first, account later.
Copy the local command, verify the setup, then connect cloud only when shared history is useful.
Pick your agent
Choose the command for the tool you already run today.
Copy the install command
Start with local-first protection and keep your native approval model in place.
hol-guard install codexView the first receipt
Use the local decision trail to see what changed before you approve it again.
hol-guard receiptsCodex
hol-guard install codexClaude Code
hol-guard install claude-codeCursor
hol-guard install cursorGemini CLI
hol-guard detect geminiOpenCode
hol-guard detect opencodeHermes
hol-guard install hermesOpenClaw
hol-guard install openclawData boundary
No account required for local protection.
Local first
- One review standard works across supported agents.
- Receipts stay local by default.
- No account is required to protect a local tool.
Cloud later
- Sync decisions across machines later.
- Add shared policy for teams.
- Use cloud history after the local workflow proves useful.
Operator proof
Proof that one review standard can follow every agent.
Codex, Claude Code, Gemini CLI, Cursor, and adjacent users already have native permissions. Guard adds the shared receipt layer between them.
Risk moment
Different agent, same risky runtime pattern
Use native approvals. Add portable proof.
Receipt evidence
Decision before execution
- Harness
- multi_agent
- Boundary
- local_first
- Surface
- mcp_or_command
- Next step
- compare_approvals
01
Native controls are respected
Guard does not ask operators to abandon Codex, Claude Code, Gemini CLI, Cursor, or OpenCode permissions.
02
Receipts normalize review
A risky read, write, network call, or MCP change gets recorded in one local decision trail.
03
Cloud is expansion, not entry
The page starts with local commands and moves to account creation only when team policy or sync matters.
Pricing path
Install locally before signup.
Free local protection gives you receipts and runtime checks on one machine. Create an account only when you want sync, policy, and team history.
FAQ