The AI Guardrail Layer For Every Agent Framework
Production-ready guardrails for AI agents. PII detection, prompt injection blocking, 9 compliance frameworks, sandbox, streaming, benchmarks, and observability — wrapping Anthropic Agent SDK, OpenClaw, and any LLM provider. Like NeMo Guardrails, but TypeScript-first with 35 packages, CI/CD, MCP, and VS Code built in.
64% Less Code
Same functionality, dramatically simpler code
import { ChatOpenAI } from "@langchain/openai";
import { HumanMessage, SystemMessage } from "@langchain/core/messages";
const model = new ChatOpenAI({
modelName: "gpt-4",
temperature: 0.7,
});
const messages = [
new SystemMessage("You are helpful."),
new HumanMessage("Hello!"),
];
const response = await model.invoke(messages);
console.log(response.content);import { createCoFounder } from '@aicofounder/core';
const cofounder = createCoFounder();
const response = await cofounder.chat('Hello!');
console.log(response.content);Zero to Production in 5 Minutes
From first command to production deployment in under 5 minutes
Install
One command to get started. No complex setup.
npx create-aicofounder-app my-ai-appBuild
Write clean, simple AI code with full TypeScript support.
const cofounder = createCoFounder();
const response = await cofounder.chat('Hello!');Test
Built-in testing framework for AI applications.
aiTest('works', async () => {
await expect(response).toSemanticMatch('greeting');
});Deploy
One-click deploy to Vercel, AWS, or any platform.
vercel deploy35 Production-Ready Packages
The complete AI guardrail ecosystem — from core detection to enterprise compliance, CI/CD, streaming, sandbox, and VS Code extension
@aicofounder/agent-sdk
Wrap Anthropic Agent SDK with guardrails — PII, injection, compliance, cost
const agent = createGuardedAgent({
model: 'claude-sonnet-4-6',
guards: {
pii: { mode: 'redact' },
injection: { sensitivity: 'high' },
compliance: { frameworks: ['hipaa'] }
}
});@aicofounder/guard
Zero-dependency runtime guard — one import, any framework
import { createGuard } from '@aicofounder/guard';
const g = createGuard({ pii: 'redact', injection: 'block' });
const client = g.wrap(new Anthropic());
// All calls now guarded automatically@aicofounder/policies
Declarative YAML policies with 9 compliance presets
const engine = PolicyEngine.fromPresets(['hipaa', 'gdpr']);
const result = engine.evaluate(text, {
direction: 'input', model: 'claude-sonnet-4-6'
});
// { allowed: false, violations: [...] }@aicofounder/ci
GitHub Action & CLI for AI security scanning in CI/CD
# .github/workflows/cofounder.yml
- uses: waymaker-ai/aicofounder-ci@v1
with:
fail-on: 'high'
approved-models: 'claude-sonnet-4-6,gpt-4o'
comment-on-pr: 'true'@aicofounder/dashboard
AI observability — cost tracking, security alerts, compliance metrics
const dashboard = new CoFounderDashboard({
storage: new FileStorage('./aicofounder-data')
});
dashboard.collect(event);
await dashboard.serve({ port: 3456 });@aicofounder/mcp-server
15+ MCP tools for Claude Desktop, Code, and Cursor
// In Claude Desktop settings:
{ "mcpServers": { "cofounder": {
"command": "npx",
"args": ["@aicofounder/mcp-server"]
}}}
// Now use cofounder_scan_pii, cofounder_detect_injection...@aicofounder/compliance
Automatic HIPAA, SEC, GDPR, CCPA compliance enforcement
const enforcer = new ComplianceEnforcer([ PresetRules.hipaa(), PresetRules.gdpr() ]); const result = await enforcer.enforce(request);
@aicofounder/guidelines
Dynamic behavioral control with context-aware rules
const manager = createGuidelineManager(); await manager.addGuideline( PresetGuidelines.noMedicalAdvice() ); const matched = await manager.match(context);
@aicofounder/context-optimizer
Handle 400K+ token contexts with 70% cost savings
const optimizer = new ContextOptimizer({
strategy: 'hybrid'
});
const result = await optimizer.optimize(context);
// 2.5M tokens → 400K tokensEnterprise-Grade AI Framework
35 packages covering detection, compliance, sandbox, streaming, benchmarks, CI/CD, MCP, and VS Code integration
Agent SDK Guardrails
Wrap Anthropic Agent SDK with 7 composable interceptors. Pre-built HIPAA, GDPR, Financial, and Safe agent factories. Works with or without the SDK installed.
Zero-Dep Runtime Guard
One import, zero dependencies. Proxy-wraps Anthropic, OpenAI, and Google clients. PII redaction, injection blocking, cost tracking, and rate limiting in a single createGuard() call.
Declarative Policy Engine
9 compliance presets (HIPAA, GDPR, CCPA, SEC, PCI, FERPA, SOX, Safety, Enterprise) in YAML. Policy composition with strictest/first/last conflict resolution.
CI/CD Security Scanning
GitHub Action that scans PRs for hardcoded API keys, PII in prompts, injection vulnerabilities, unapproved models. SARIF output for GitHub Security tab.
Observability Dashboard
Real-time cost tracking, security incident monitoring, compliance scoring, performance metrics. Anomaly detection, Prometheus export, and HTTP API server.
15+ MCP Tools
Use CoFounder guardrails from Claude Desktop, Claude Code, or Cursor without writing code. PII scanning, injection detection, cost estimation, and code safety analysis via MCP.
PII Detection & Redaction
Detect and redact emails, SSNs, credit cards (with Luhn validation), phones, IPs, DOB, addresses, medical records, passports. 20+ patterns across all packages.
Prompt Injection Blocking
25+ attack patterns: direct injection, system prompt leaking, jailbreaks, role manipulation, delimiter injection, encoding attacks, multi-language attempts. Scoring with configurable sensitivity.
9 Compliance Frameworks
HIPAA (18 PHI identifiers), GDPR (data minimization, consent), SEC (disclaimers), PCI-DSS (card data), SOX (financial records), FERPA (student records), CCPA, and more.
Works With Everything
Wraps Anthropic Agent SDK, OpenClaw agents, LangChain, CrewAI. Use with Cursor, Windsurf, Claude Code, or any IDE. Complementary guardrail layer, not a replacement.
70% Cost Savings
Real-time cost tracking with pricing for 25+ models. Budget enforcement, model routing, caching, and prompt optimization. Projected monthly cost reports.
Sandboxed Execution
Run untrusted AI-generated code safely with @aicofounder/sandbox. Process isolation, resource limits, timeout enforcement, and output capture. Evaluate agent tool calls without risk.
Streaming Guards
Real-time guardrail evaluation on streaming LLM responses with @aicofounder/streaming. Token-by-token PII detection, injection scanning, and policy enforcement without buffering the full response.
Detection Benchmarks
Measure detection accuracy with @aicofounder/benchmark. 252 curated test cases across PII, injection, and toxicity. Per-category metrics, confusion matrices, and NeMo Guardrails comparison.
VS Code Extension
Inline guardrail warnings, PII highlighting, injection detection, and compliance checks directly in your editor. One-click redaction and policy violation quickfixes.
Like NeMo Guardrails, But Better
Everything NVIDIA NeMo Guardrails does — PII, injection, topical control, content safety — plus compliance frameworks, cost tracking, CI/CD, dashboard, sandbox, streaming, and MCP. TypeScript-first with 35 packages.
The Complete Guardrail Stack
35 packages organized in 5 layers — use what you need, from a single guard import to the full enterprise stack
Core Layer
5 packagesZero-dep runtime guard with PII, injection, toxicity detection
Anthropic Agent SDK guardrail interceptors
Declarative YAML policy engine with 9 compliance presets
HIPAA, GDPR, SEC, CCPA enforcement with audit trails
Dynamic behavioral control with context-aware rules
Integration Layer
5 packagesOpenClaw agent framework guardrails
Multi-provider LLM adapters (Anthropic, OpenAI, Google)
Colang dialogue flow integration
15+ MCP tools for Claude Desktop, Code, Cursor
Model Context Protocol client utilities
DevOps Layer
4 packagesGitHub Action for AI security scanning in CI/CD
Real-time observability, cost tracking, compliance scoring
252 test cases measuring PII, injection, toxicity accuracy
Isolated execution of untrusted AI-generated code
Enterprise Layer
4 packagesTenant isolation, per-tenant policies, usage metering
SOC 2 compliance controls and evidence collection
Community guardrail and policy marketplace
LLM-powered secondary classification for nuanced detection
Tools
4 packagesToken-by-token guardrail evaluation on streaming responses
Inline PII highlighting, injection warnings, policy quickfixes
Command-line guardrail scanning and policy management
Project scaffolding with guardrails pre-configured
Loved by Developers
Join thousands of developers building production AI apps with CoFounder
“CoFounder's cost tracking alone saved us $50k/month. The built-in testing gave us confidence to ship faster.”
“Coming from LangChain, CoFounder felt like a breath of fresh air. We shipped in a quarter of the time.”
“The PII detection and audit logging made HIPAA compliance straightforward. We launched months ahead of schedule.”
“CoFounder's automatic fallbacks and circuit breakers mean our students never experience downtime.”
“The intelligent model routing automatically picks the cheapest model that meets our quality bar. Magic.”
“Finally, a framework that treats testing as a first-class citizen. Our CI pipeline actually works now.”
“We evaluated every AI framework. CoFounder was the only one that had everything we needed out of the box.”
“The MCP server creation feature alone was worth switching. Standardized our entire AI integration layer.”
“90% less code is not an exaggeration. Our RAG pipeline went from 200 lines to 20.”
Ready to build your AI agent?
Start building production-ready AI agents in minutes with our comprehensive training and documentation. Need expert help? Waymaker offers implementation services.