Pipelock Ships Open-source Agent Firewall for AI Agents

Pipelock runs as an inline proxy that inspects outbound and inbound traffic, covering HTTP, WebSocket, and MCP tool calls, per the GitHub README and the mcp.aibase listing. The project implements an 11-layer scanning pipeline described by Help Net Security that includes scheme enforcement, CRLF injection detection, path traversal blocking, domain blocklisting, data loss prevention (DLP), entropy analysis, SSRF protection, rate limiting, URL length checks, and per-domain data budgets. The DLP layer matches 48 credential patterns and uses four checksum validators (Luhn, mod-97, ABA, WIF) plus encoding-aware decoding to reduce false positives, as reported by Help Net Security.

The repository and ecosystem listings document multiple proxy modes: forward proxy (intercepts processes honoring HTTPS_PROXY), fetch proxy (for dedicated fetch tools), and an MCP proxy for tool calls. The project provides features listed in package pages including an emergency stop switch, audit logging, and SIEM integration (conare.ai; mcp.aibase). The README also lists integrations and compatibility with developer tooling and agent runtimes such as Claude Code, OpenAI Agents SDK, Google ADK, AutoGen, CrewAI, LangGraph, Cursor, and IDEs (GitHub).