AgentGuard is Runlayer’s purpose-built ML model for agent reasoning security. Where per-call tool scanners look at one input or output at a time, AgentGuard watches the agent’s trajectory across a session and detects when behavior diverges from the user’s intent. AgentGuard surfaces inside Sessions on each agent turn.

What AgentGuard detects

AgentGuard is built to catch agentic attacks that per-call scanners miss:
  • Output-steering injection — a tool output contains hidden instructions that redirect the agent
  • Sudden reasoning pivots — the agent’s reasoning abruptly changes direction with no basis in the conversation
  • Slow-chain drift — gradual, step-by-step divergence from the original task
It distinguishes legitimate behavior changes from genuine misalignment. A high-privilege operation that matches user intent is allowed; an agent autonomously taking the same action outside the requested task is not.

Configuration

AgentGuard is configured under Settings → Security Scanners → Session scanning.

Agent monitoring

The main toggle for AgentGuard.

| Action | Behavior |
| --- | --- |
| Allow | Disable agent monitoring |
| Alert | Record detected threats; tool calls continue |
| Block | Block all subsequent tool calls in the session when a threat is detected |

End session when any scanner blocks

A session-wide kill switch. When any per-call scanner returns BLOCK on a tool call, the rest of the agent session is also blocked.

| Action | Behavior |
| --- | --- |
| Allow | A blocked tool call blocks only that call |
| Block | A blocked tool call ends the agent session |

AgentGuard is configured globally. Per-connector overrides apply to catalog and per-call tool scanners, not to AgentGuard.

Rollout guidance

  1. Start in Alert so you can see what AgentGuard would do without affecting agents in production.
  2. Review Alerted sessions in Sessions and confirm the verdicts match your security policy.
  3. Move Agent monitoring to Block for high-risk teams or agents first.
  4. Enable End session when any scanner blocks once your per-call scanner tuning is stable.
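To preview what each rollout stage does to a running session, the added sketch below (not Runlayer code or a Runlayer API) models the two settings as a small state machine and replays one constructed session under different combinations. It assumes AgentGuard detections arrive as separate events between tool calls and that Block mode also records the threat; the tool names and threat label are hypothetical.

```python
from dataclasses import dataclass

@dataclass
class SessionPolicy:
    agent_monitoring: str       # "Allow" | "Alert" | "Block"
    end_session_on_block: str   # "Allow" | "Block"

def replay(policy, events):
    """Replay one session; return (per-call outcomes, recorded threats)."""
    session_blocked = False
    recorded, outcomes = [], []
    for kind, detail in events:
        if kind == "agentguard_threat":
            if policy.agent_monitoring == "Allow":
                continue                    # monitoring disabled
            recorded.append(detail)         # assumption: Block records too
            if policy.agent_monitoring == "Block":
                session_blocked = True      # all subsequent calls blocked
        elif kind == "tool_call":
            tool, scanner_verdict = detail
            if session_blocked:
                outcomes.append((tool, "blocked (session)"))
            elif scanner_verdict == "BLOCK":
                outcomes.append((tool, "blocked (call)"))
                if policy.end_session_on_block == "Block":
                    session_blocked = True  # kill switch ends the session
            else:
                outcomes.append((tool, "allowed"))
    return outcomes, recorded

# Constructed session: tool names and the threat label are hypothetical.
SAMPLE_SESSION = [
    ("tool_call", ("search_docs", "ALLOW")),
    ("agentguard_threat", "output-steering injection"),
    ("tool_call", ("read_file", "ALLOW")),
    ("tool_call", ("send_email", "BLOCK")),
    ("tool_call", ("list_tickets", "ALLOW")),
]

if __name__ == "__main__":
    for monitoring, kill_switch in [("Alert", "Allow"), ("Block", "Allow"),
                                    ("Alert", "Block")]:
        outcomes, recorded = replay(SessionPolicy(monitoring, kill_switch),
                                    SAMPLE_SESSION)
        print(f"monitoring={monitoring} end-session={kill_switch}")
        print("  recorded:", recorded)
        for tool, result in outcomes:
            print(f"  {tool}: {result}")
```

Comparing the Alert and Block rows for the same session shows which calls would stop being served once a stage is promoted.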

Requirements

  • Sessions enabled for the workspace (Settings → Workspace → Full session scanning)
  • A deployment with ToolGuard capabilities
If the AgentGuard options do not appear in Security Scanners, confirm that both requirements above are met.
