Pipelock detects and enforces. The ecosystem around it proves the system works. Three components that turn security claims into evidence.
Validate
143 adversarial test cases prove the scanner catches what it claims.
Govern
Signed rule bundles with hot-reload. Write patterns or use the official set.
Attest
Signed security reports with compliance evidence mapped to five frameworks.
Agent Egress Bench — Validate
143 adversarial test cases across 16 categories: DLP evasion, prompt injection, SSRF, tool poisoning, encoding chains, and A2A scanning. Run against any proxy to measure what gets caught and what gets through. The same corpus Pipelock tests itself against.
Pipelock Rules — Govern
Community detection patterns distributed as signed YAML bundles. Hot-reloadable without restart. Ed25519 signature verification prevents tampered rules from loading. Write your own patterns or use the official bundle.
Pipelock Assess — Attest
pipelock assess generates signed security reports with compliance evidence mapped to OWASP MCP Top 10, Agentic Top 10, MITRE ATLAS, EU AI Act, and SOC 2. Ed25519 signatures make reports tamper-evident. View a demo report.
The bench validates detections. Rules govern what to look for. Assess proves they're closed. Each component feeds the next.
Back to Pipelock