Immunity Agent brings runtime guardrails to agents

Hot take: this is the right layer to secure agentic coding, because the real risk sits at tool boundaries, not in the model output alone.

• –Warden intercepts pre- and post-tool calls, so destructive commands, prompt injection payloads, and privilege-escalation attempts can be blocked before they hit the shell or filesystem.
• –Cloak’s placeholder-based secret handling is more usable than naive redaction, since it keeps real credentials local while still letting agents reference them safely in context.
• –Sweep is the pragmatic backstop: even if a secret leaks into agent caches or transcripts, it gives teams a way to find and redact residue after the fact.
• –The project matters most for teams already leaning on autonomous coding agents, where one bad tool call can do real damage fast.
• –Open-sourcing the stack makes it easier to audit, extend, and adapt the policy layer to different agent ecosystems.