early access open — install free, no account neededget started →
AgenticCLI

▮ launching today

The release gate that ships with your AI agent.

ShipGuard is the companion for Claude Code, Codex and Cursor — it catches the secrets, broken auth and unverified webhooks your agent ships, locally, in under 2 seconds. Free today, forever.

$npx @agenticcli/shipguard scan

no account needed 100% local exit 0 / exit 1

shipguard scan --changed

What we're launching today

ShipGuard — five deterministic checks for the mistakes AI agents make most. Free, local, unlimited.

Secrets

Hardcoded API keys, tokens and credentials — before they reach your git history.

Auth

Unprotected admin routes, missing guards and broken session checks.

Payments

Unverified webhooks and missing signature checks on Stripe & friends.

Database

SQL injection, unsafe queries and destructive or exposed migrations.

Deployment

Debug flags, source maps and dev config shipped to production.

Honest answers to the obvious questions

Isn't this just another linter?
Linters check style and syntax. ShipGuard checks security and correctness — is this webhook actually verifying signatures? Is this admin route actually guarded? Different question entirely.
Does my code leave my machine?
Never. Local scanning is 100% local — no code, file contents, or paths are transmitted. Cloud scans fetch rule signatures only.
Why not Snyk or Semgrep?
Those are built for security teams scanning big codebases. ShipGuard is a release gate for individual devs and agents: under 2s, free local tier, focused on the patterns agents get wrong most.
Will it slow my deploy?
It runs in about 2 seconds on changed files. Deterministic exit codes drop straight into a pre-push hook or CI step — exit 0 ships, exit 1 blocks.
Too many false positives?
Checks are deterministic and rule-scoped, not probabilistic. Every finding cites the file, the rule, and the fix — verify it in seconds, or ignore a rule explicitly.
Is it really free?
Local scans are free and unlimited, forever, with no account. Paid tiers add cloud scans against the always-current rule corpus, deeper BaaS checks, and a CI gate.

Simple, honest pricing.

freeavailable now

$0 forever

Unlimited local scans. No account needed.

  • Unlimited local scans
  • 5 cloud scans / month
  • All 5 check categories
  • Basic + lagged rule corpus
  • --json for agents
  • Community support
get started free
pluscoming soon

$19 /mo

Full rule corpus for growing projects.

  • Everything in free
  • 10 cloud scans / month
  • Full rule corpus
  • Monthly billing
join waitlist
procoming soon

$29 /mo

The full gate for production apps.

  • Everything in plus
  • 100 cloud scans / month
  • Always-current corpus
  • CI --strict deploy gate
  • Agent-pay support
  • Credit pooling (team/CI/agents)
join waitlist

Install free now — upgrade when you need cloud.

The free local tier is live today. Drop your email and we'll tell you the moment new cloud tiers and rules ship.

one email a week, tops · no spam · unsubscribe anytime