declaw

AI agents are getting powerful - browsing the web, running shell commands, touching production systems. But there was no unified way to secure them. Sandbox vendors handled isolation. Guardrails vendors handled content filtering. Network controls were DIY. And none of it talked to each other.

Teams deploying agents in production were duct-taping 3-4 vendors together and still finding gaps at every seam. So we built Declaw - Firecracker-based microVMs with a security proxy running inside each one. The proxy handles PII redaction, prompt injection defense, code security scanning, toxicity detection, invisible text detection, network controls, and audit logging - all before anything leaves the sandbox. The VM handles isolation. You get both in one SDK call.

It is not trying to be everything. It is trying to be the one thing that actually needs to exist: a runtime that treats security as a first-class concern, not a checkbox you bolt on later. One SDK. One audit trail. No stitching together three different vendors.

We believe security tooling has to be auditable. You should not have to trust a black box sitting between your agent and the internet.