Skip to main content
🧠+πŸ›‘οΈMemory + Security in One Package
🧠+πŸ›‘οΈ

ShieldCortex

The security layer for AI agent memory. Like Cloudflare, but for everything your AI remembers. 6-layer defence pipeline, Iron Dome behavioural protection, and credential leak detection across 19 providers. One package. Full solution.

Free & open source β€” MIT licensed

Get Started FreeView on GitHub
9,700+
npm Downloads
🧠
Full Memory System
6
Defence Layers
MCP
Native Support
MIT
Open Source

6-Layer Defence Pipeline

Every memory write passes through six layers of protection β€” all running locally, all free

1

Input Sanitisation

Strips control characters, null bytes, zero-width chars, BOM markers, and bidirectional overrides before any analysis runs.

2

Pattern Detection

Regex-based firewall scanning for prompt injection, privilege escalation, and encoding obfuscation attacks.

3

Sensitivity Classification

Classifies content as PUBLIC, INTERNAL, CONFIDENTIAL, or RESTRICTED β€” blocks restricted content automatically.

4

Fragmentation Detection

Cross-references recent memories to detect attackers spreading malicious payloads across multiple entries.

5

Trust & Anomaly Scoring

Source-based trust scoring with automatic decay for sub-agents, plus entropy and anomaly heuristics.

6

Credential Leak Detection

39 patterns across 19 providers plus Shannon entropy analysis β€” catches API keys, tokens, and secrets before they reach memory.

Local Security Dashboard

Full visibility into your agent's security posture β€” running locally on your machine

Shield Overview

Real-time defence stats, threat breakdown, and pipeline health at a glance

Audit Log

Full searchable log of every scan β€” filter by result, source, and time

Quarantine Queue

Review and approve or reject quarantined memories before they enter storage

Real-Time Alerts

Live event feed for blocks, quarantines, and credential detections

πŸ›‘οΈBehavioural Protection

Iron Dome

Agent-aware security that controls what your AI can do, not just what it remembers

πŸ”

Injection Scanning

Deep pattern matching for prompt injection, jailbreaks, and social engineering in any text

πŸšͺ

Action Gates

Control which actions agents can take β€” send emails, delete files, call APIs β€” with approval rules

πŸ›‘

PII Guard & Kill Switch

Block PII from leaving the agent, plus emergency stop to halt all agent activity instantly

πŸ“‹

Security Profiles

4 pre-built profiles β€” school, enterprise, personal, paranoid β€” or create custom policies (Pro)

πŸ”ŒIntegrations

Works With Your Stack

Use ShieldCortex as a standalone MCP memory server or integrate with your existing agent toolchain

🧠

OpenClaw

Native hook β€” auto-memory on by default with smart deduplication and novelty filtering

πŸ’»

Claude Code

MCP memory server with 24 tools β€” remember, recall, scan, graph, and more

πŸ“

VS Code & Cursor

MCP integration for Copilot Chat and Cursor agent β€” one command setup

πŸŒ‰

Universal Memory Bridge

Guard any memory backend with the full defence pipeline via the scan() API

πŸ€–Multi-Agent Ready

Hierarchical Trust Security

Running multiple agents? ShieldCortex prevents rogue sub-agents from accessing sensitive data with automatic trust decay.

πŸ”

Credential Isolation

RESTRICTED memories blocked below trust 0.7 β€” sub-agents can't access your API keys or secrets

πŸ“‰

Trust Decay

Each sub-agent level reduces trust: user (0.9) β†’ task (0.63) β†’ subtask (0.44)

🚫

Depth Circuit Breaker

Agents beyond depth 5 get trust = 0. Automatic protection against runaway chains

πŸ”’

Auto-Quarantine

Low-trust agents write to quarantine for human review before storage

Trust β‰₯0.7 β†’ Read all, write direct Β |Β Trust 0.5–0.7 β†’ Limited read, quarantine writes Β |Β Trust <0.5 β†’ Own data only

Simple Pricing

Full defence pipeline, free and open source. Unlock custom rules and cloud sync with a licence key.

Free

Β£0
forever
Unlimited local scans Β· No cloud required
  • βœ“ Full 6-layer defence pipeline
  • βœ“ Iron Dome (built-in profiles)
  • βœ“ Credential leak detection (39 patterns)
  • βœ“ Local dashboard
  • βœ“ MCP memory system + knowledge graph
  • βœ“ Skill scanner
  • βœ“ Agent hooks (OpenClaw, Claude Code, Cursor)
Get Started Free
Most Popular

Pro

Β£29/mo
per month
Local licence key Β· No cloud required
Everything in Free, plus:
  • βœ“ Custom injection patterns (up to 50)
  • βœ“ Custom Iron Dome policies
  • βœ“ Custom firewall rules
  • βœ“ LLM verification (AI-powered scan review)
  • βœ“ Audit export (JSON/CSV)
  • βœ“ Skill scanner deep mode
  • βœ“ Priority email support
Get Pro Licence

Team

Β£99/mo
per month
Adds cloud sync Β· Unlimited members
Everything in Pro, plus:
  • βœ“ Cloud audit sync across devices
  • βœ“ Multi-device visibility
  • βœ“ Team management & invites
  • βœ“ Shared custom patterns
  • βœ“ Unlimited injection patterns
Get Team Licence

Enterprise

Custom
for organisations
Self-hosted Β· SLA Β· Compliance
Everything in Team, plus:
  • βœ“ Self-hosted deployment
  • βœ“ SIEM integration
  • βœ“ Compliance exports
  • βœ“ Volume licensing + SSO
  • βœ“ Dedicated support + SLA
Contact Sales

Free and Pro run entirely on your machine β€” no cloud, no account required. Team adds cloud sync.

Included Free

Iron Dome

ShieldCortex protects what your agent remembers. Iron Dome protects what it does. Injection scanning, action gating, PII protection, and emergency kill switch β€” all included free.

4
Protection Features
4
Security Profiles
<1ms
Per Check
Learn More About Iron Dome β†’

Built For

OpenClawClaude CodeCursorVS CodeNode.jsMCPMIT LicenceFree Tier

Resources

Documentation
Getting started guide
npm Package
npm install shieldcortex
GitHub
Source code & issues
Blog Post
Introducing ShieldCortex

Secure Your AI Agent Memory

Open source, MIT licensed. Get started in under a minute.

Get Started FreeView on GitHub