Skip to main content

NebGuard

NebGuard is policy-driven guardrails for AI coding agents. When an agent like Claude Code works on your code or infrastructure, it takes real actions: it runs shell commands, edits files, pushes to git, applies changes. NebGuard sits between the agent and those actions, checks each one against a library of rules at the moments that matter, and decides whether to let it through, flag it, stop it, or steer the agent back on course. The same engine and the same rules run on a developer laptop and inside an agent pod in a cluster.

Why use it

AI coding agents are fast and mostly correct, but a single bad action (a force-push to a protected branch, a deleted production resource, a committed secret) can be expensive, and a drifting agent quietly burns time repeating itself or skipping verification. NebGuard catches the dangerous actions before they run and keeps the agent pointed at the task, without slowing down the normal ones. Think of it as a seatbelt and a co-pilot for your agent: it prevents the crash, and it keeps you headed toward the destination.

The four responses

Every time the agent is about to act, and at key moments such as finishing a turn, NebGuard responds in one of four ways:

ResponseWhat happens
AllowThe action is fine. Nothing happens and the agent proceeds.
WarnThe action is risky. NebGuard adds a note so the agent and the human can reconsider.
BlockThe action is dangerous. NebGuard stops it before it runs.
GuideNebGuard injects context to keep the agent on track (reminders, a missing step) and re-states key constraints after the agent trims its own context.

NebGuard also records each decision, so your team gets an audit trail you can use for compliance and security reviews.

Rule domains

Rules are organized into seven domains:

security, infrastructure, development, operations, ai-governance, business, global.

Which domains are active depends on your license tier and your environment. See Concepts for the full model.

Fail-safe by design

NebGuard is built so that the guardrails stay trustworthy even when something goes wrong:

  • A high-stakes block cannot be talked around. The agent cannot disable that class of guard by writing its own justification.
  • High-stakes guards fail closed. If a critical guard's own check errors out, it becomes a block rather than silently letting the action through.

Supported assistants

NebGuard works with hook-capable AI coding assistants and behaves the same across all of them.

AssistantVendorStatusSetup commandConfigure
Claude CodeAnthropicSupportednebguard setup claude-codeNone
Codex CLIOpenAISupportednebguard setup codex-cliOne-time hook trust

More hook-capable assistants are planned, in rough order of popularity: GitHub Copilot CLI, Cursor, Gemini CLI, opencode, Continue, Amazon Q Developer CLI, and Qwen Code. See Setup for per-assistant install and configuration.

What you can do

  • Install NebGuard for Claude Code or Codex CLI in one command. See Setup.
  • Understand the safety model, licensing, and telemetry. See Concepts.
  • See what a block, a warning, and a guidance note look like in practice. See Examples.

Next steps

  • Setup: install and verify NebGuard for Claude Code or Codex CLI.
  • Concepts: the four responses, the domains, licensing, and telemetry.
  • Examples: what NebGuard looks like when it fires.