Runtime policy for AI agents

A policy runtime for AI agents.

Define what your agents can do.
Block what they can't. Enforced at every tool call, before it executes.

Works with all your favorite frameworks: OpenAI Agents SDK, Google ADK, Anthropic Claude, Langchain, AutoGen, LlamaIndex, Openclaw, CrewAI
The problem

You're shipping AI agents into production.
Do you know what they're doing?

Most teams don't. That's fine — until a hallucination triggers a fund transfer, a vendor agent accesses a database it shouldn't, or a customer's SSN lands in a log file.


No visibility into what your agents actually do

Your agent runs, returns an answer, and you ship it. But between the LLM call and the result, tool calls happened. Files were read. APIs were hit. Data moved. You have no record of any of it.

Observability gap

You installed a vendor agent you didn't write

It works. You deployed it. But you have no idea what it does under the hood. When it starts making unexpected tool calls, you'll find out the hard way — after the incident, not before.

Supply chain risk

One unmasked field ends your compliance story

Fintech. Healthcare. Legal. Your agents process sensitive data. Your compliance framework says it can't appear in logs or agent context. Your agents don't know that. Megent does.

Regulatory exposure

"The moment you deploy an agent that can take real actions, you need a runtime that enforces what it's allowed to do. Hoping for the best is not a security posture."

— The Megent team

Features

Built for how agents actually run in production.

Core runtime

Tool call interception

Every tool call your agent makes is caught before it executes. Checked against policy. ALLOW or BLOCK returned in under a millisecond. Your systems only get called when they should.

Identity layer

Agent JWT passports

Each agent carries a signed JWT passport with a trust level baked in. The runtime verifies it on every call. No valid identity means no tool access — no exceptions.

Compliance

PII masking before context

Customer emails, SSNs, card numbers, DOBs — masked before the agent ever sees them. Choose replacement, hashing, or redaction per field type. Ships HIPAA and PCI-ready.

Supply chain

Third-party agent coverage

Wrap any agent you didn't write — vendor plugins, marketplace agents, open-source bots — and enforce your rules regardless of what's inside the black box.

GitOps-ready

Policy as code

YAML or Python. Version controlled. Reviewed in PRs. Deployed alongside your app. Your security policy is no longer a wiki page nobody reads — it's enforced, tested code.

Performance

In-process, zero overhead

No sidecar. No proxy. No extra API hop. Megent runs in-process with your agent. Average interception cost: under 1ms. You won't notice it — but your agents will.

How it works

Guardrails that actually run with your agent.

Drop Megent into your stack without rewrites. Policies stay in Git. Enforcement lives in-process. Telemetry stays in your infra.

01 Write your policy

Describe allowed tools, arguments, identities, and masking rules in YAML or Python. Commit it with your code.

policy.yaml

02 Wrap your agent

Add the Megent guard decorator around your agent or tool router. No proxy, no sidecar, no extra network hop.

@guard(policy='policy.yaml')

03 Ship with confidence

Every tool call is checked at runtime. Violations are blocked, masked, and logged — without slowing down your LLM pipeline.

ALLOW | BLOCK | MASK
Sample policy (YAML):

    policy:
      name: billing-agent
      identity:
        require: jwt
      allow:
        - tool: read_invoice
        - tool: send_email
      block:
        - tool: transfer_funds
        - tool: delete_customer
      mask:
        email: redact
        ssn: hash

Declarative policy. Enforced in-process. Logged for audit.
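
A minimal sketch of the check the three steps above describe, added here as an illustration and not Megent's own code or API: it makes the ALLOW/BLOCK decision before the tool body runs, masks the tool's output, and records each attempt. The names `policy_guard`, `PolicyViolation`, `mask_text` and `AUDIT_LOG`, the default-deny rule for tools the policy does not list, the detection regexes, the keyed-HMAC form of "hash" and the demo key are all assumptions of this sketch; the `identity` requirement is left out.

```python
import functools
import hashlib
import hmac
import re

# The page's sample policy as a dict (YAML loading omitted to stay stdlib-only).
POLICY = {
    "allow": {"read_invoice", "send_email"},
    "block": {"transfer_funds", "delete_customer"},
    "mask": {"email": "redact", "ssn": "hash"},
}
KEY = b"constructed-demo-key"  # assumption: in practice loaded from a secret store
# Assumed detectors for the two field types the sample policy names.
PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}
AUDIT_LOG = []  # one (tool, decision) record per attempted call


class PolicyViolation(Exception):
    """Raised instead of running a tool the policy does not permit."""


def mask_text(text, rules):
    """Mask string tool output before it is returned to the agent's context."""
    for field, action in rules.items():
        if action == "hash":  # keyed, so a 9-digit SSN cannot be brute-forced offline
            repl = lambda m: "hmac-sha256:" + hmac.new(KEY, m.group().encode(), hashlib.sha256).hexdigest()[:12]
        else:  # "redact"
            repl = lambda m, f=field: f"[{f.upper()} REDACTED]"
        text = PATTERNS[field].sub(repl, text)
    return text


def policy_guard(policy):
    """Decorator: decide ALLOW/BLOCK before the tool body runs, then mask output."""
    def wrap(tool):
        @functools.wraps(tool)
        def checked(*args, **kwargs):
            name = tool.__name__
            # An explicit block wins; a tool on neither list is denied as well.
            allowed = name in policy["allow"] and name not in policy["block"]
            AUDIT_LOG.append((name, "ALLOW" if allowed else "BLOCK"))
            if not allowed:
                raise PolicyViolation(f"{name} blocked by policy")
            return mask_text(tool(*args, **kwargs), policy["mask"])
        return checked
    return wrap
```

Decorating a function named `transfer_funds`, or any tool the policy does not mention, raises `PolicyViolation` before the function body executes, and the attempt still appears in `AUDIT_LOG`.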

Use cases

Bring your own stack. Megent just enforces.

Drop Megent between your agent and the real world: databases, email, payments, identity providers, and any tool calls.

Payments

Fintech

Mask PANs, block unauthorized transfers, and require signed agent identities before touching money movement tools.

HIPAA

Healthcare

Redact PHI before context, log every tool invocation, and enforce facility-level permissions on external APIs.

Customer ops

Support automation

Keep third-party agents away from production databases. Allow ticket updates, block credential changes by default.

Zero trust

Security & IT

Wrap vendor bots with Megent and enforce least privilege when they manage access, rotate keys, or run scripts.

FAQ

Answers to questions

Still have something we didn't cover?

Email us directly →
Early access

Be the first to know when we ship.

We're onboarding early teams now — especially in fintech and healthcare. Drop your email and we'll reach out directly