AxioRankZero-Trust for AI Agents
Open the console

AxioRank for coding agents

Govern the agent writing your code.

AI coding agents now run commands, edit files, and call tools on your machine without waiting for review. AxioRank governs that loop. One hook for Claude Code, Cursor, Codex, and GitHub Copilot CLI blocks the dangerous actions locally and offline, reports the session to your control plane, and mints a signed, offline-verifiable proof that the code was governed.

Install the guard See how verification works
npx -y @axiorank/coding-guard init

What an ungoverned coding agent can do

Destructive commands

An autonomous agent runs rm -rf, git push --force, DROP TABLE, or curl piped into a shell on your machine, faster than you can read the diff.

Secret exfiltration

A generated command or file write ships an API key, a token, or your .env to somewhere it should never go.

Agent hijacking

A poisoned MCP reply or a fetched page carries hidden instructions that steer the coding agent, the attack class researchers call agentjacking.

Blocks locally, offline, with no key

The guard runs the exact AxioRank detection engine your production agents use, in the hook, on your machine. It denies destructive operations, secret exfiltration, and prompt-injected results before they run. No account required for blocking.

The same control plane as production

With a key set, every governed call flows into the same policy, audit log, alerts, and approvals as your production agents. Your org policy applies in the editor, and it can only tighten the local decision, never loosen a local block.

A signed seal nobody else mints

When the session ends, AxioRank mints a Coding Session Seal: an Ed25519-signed, offline-verifiable proof of how many calls were governed, how many were blocked, and a Merkle root over the audit trail. Provenance that the code was governed, not just a dashboard.

How it works

  1. 1

    Install the hook

    Run npx @axiorank/coding-guard init in your repo. It wires the guard into Claude Code, Cursor, Codex, and GitHub Copilot CLI.

  2. 2

    Code as usual

    Every shell command, file write, and MCP call the agent makes is scored. Dangerous ones are blocked or held for your review in the editor.

  3. 3

    Keep the proof

    At the end of the session a signed seal lands in .axiorank/. Verify it offline with npx @axiorank/audit-verify coding-seal, in CI or on any machine.

Blocking is free. Proof is the upgrade.

Local guardrails for Claude Code and Cursor are free on every plan. Central reporting and the signed Coding Session Seal come with the Team plan and above.

See pricingRead the docs