PipeLab builds control and evidence for machine actions. The flagship product is Pipelock, an open-source agent firewall that scans HTTP, WebSocket, and MCP traffic for secret exfiltration, prompt injection, and tool poisoning.
Origin
PipeLab started as a homelab project. The founder runs a plumbing business in Georgia and built AI agents to manage operations. When those agents had shell access, API keys, and unrestricted network, nothing existed to stop them from leaking everything. So Pipelock was built to fill the gap.
That homelab grew into on-prem Kubernetes, GPU compute, and an open-source security tool now recognized by the OWASP community.
What We Ship
Pipelock
Open-source agent firewall. 10,000+ tests, 88% coverage, single binary. Apache 2.0.
Agent Egress Bench
143 adversarial test cases for validating any agent security proxy.
Pipelock Rules
Signed community detection patterns. Hot-reloadable YAML bundles.
OWASP Contributions
Coverage mappings for MCP Top 10, Agentic Top 10, MITRE ATLAS, EU AI Act.
Philosophy
Build it yourself. Understand it yourself. If it breaks, you know why. If it works, you know how.
No cloud dependencies. No VC funding. No growth hacking. Open-source core, honest pricing, real engineering.