AI antivirus for agentic code
Stop risky AI actions before they become incidents.
HOL Guard watches coding agents, MCP servers, skills, plugins, and local commands. Start with protection, then use these guides to understand the threats Guard is built to catch.
First minute path
1. Agent asks to act: A harness wants to read a file, run shell, call MCP, or install a skill.
2. Guard pauses risk: Local review opens before damage, not after logs are already written.
3. Your choice becomes memory: Approved, blocked, and repeated patterns turn into team policy.
4. Cloud explains the pattern: Warnings, labs, and guides teach what happened without leaking private work.
Choose what you need from Guard right now.
Security content should move you toward action. Pick the path that matches your moment.
I need protection now: Install Guard and connect your first AI tool before another agent command runs.
Install Guard
I saw a risky action: Learn why secret reads, prompt injection, and unsafe shell commands get paused.
Review examples
I manage a team: Connect agent decisions to policy, billing, and shared security memory.
Protect a team
Threat map that leads somewhere.
Each public page teaches one risk, then points back to install, dashboard, docs, or a related harness setup.
Prompt injection: Hidden instructions steer an agent into unsafe work. Pause before tool or shell execution.
MCP security: A tool description lies about what it will access. Review tool behavior before trust expands.
Skill and plugin safety: A skill or plugin installs hidden behavior. Require approval when install steps change risk.
AI harness supply chain: A package bootstrap changes files or agent config. Block dangerous setup before it reaches the workspace.
Public proof, private work protected.
Redacted warnings show why Guard intervened without publishing raw prompts, tokens, paths, or private code.
Read redacted warning
Practice safely before your next incident.
Labs are static simulations. They teach what Guard would do without executing dangerous commands.
Curated advisories
Only enriched explainers are indexable; raw CVE imports stay hidden until useful.