Skip to main content
๐Ÿ›ก๏ธShieldCortexโ†’๐Ÿ”ดIron Dome
๐Ÿ”ดโŠ•๐Ÿ›ก๏ธ

Iron Dome

The behavioural security layer for AI agents. Six defensive layers that intercept, analyse, and gate every instruction before your agent acts on it.

Part of ShieldCortex โ€” free & open source

6
Defence Layers
4
Security Profiles
<1ms
Per Check
0
Dependencies

One Command. Full Protection.

Activate Iron Dome and watch six defence layers come online

terminal
$ shieldcortex iron-dome activate --profile enterprise
โ–ธ Iron Dome activating...
โœ“ Layer 1: Instruction Gateway โ€” armed
โœ“ Layer 2: Injection Scanner โ€” armed
โœ“ Layer 3: Action Gating โ€” armed
โœ“ Layer 4: PII Protection โ€” armed
โœ“ Layer 5: Kill Switch โ€” armed
โœ“ Layer 6: Audit Trail โ€” armed
๐Ÿ›ก๏ธ Iron Dome online โ€” enterprise profile active
6/6 layers active ยท 0 threats intercepted ยท agent secured

Six Layers of Defence

Every instruction passes through six checkpoints before your agent acts on it

LAYER 1

Instruction Gateway

Validates and normalises every instruction before it enters the pipeline. Blocks malformed commands, enforces schema rules, and rejects instructions from untrusted sources.

LAYER 2

Injection Scanner

Multi-pattern detection for prompt injection, jailbreak attempts, and instruction smuggling. Catches hidden payloads, Unicode tricks, and fragmented attacks across messages.

LAYER 3

Action Gating

Controls what actions an agent can take. Allowlists, denylists, and scope boundaries per profile. High-risk actions require explicit approval or are blocked outright.

LAYER 4

PII Protection

Detects and redacts personally identifiable information before it reaches memory or external systems. Names, emails, phone numbers, addresses, and national IDs โ€” caught and masked.

LAYER 5

Kill Switch

Instant shutdown when threat thresholds are breached. Halts all agent operations, preserves state for forensic review, and sends alerts. No graceful degradation โ€” full stop.

LAYER 6

Audit Trail

Every instruction, decision, and action is logged with timestamps, source identity, and outcome. Tamper-resistant, queryable, and ready for compliance exports.

โš™๏ธPre-Built Profiles

Four Security Profiles

Choose a profile that matches your threat model. Every profile activates all six layers โ€” the difference is how aggressively they respond.

๐Ÿซ

School

Child safety first
  • โœ“ Strict content filtering
  • โœ“ Full PII redaction
  • โœ“ No external API calls
  • โœ“ Audit everything
Recommended
๐Ÿข

Enterprise

Production hardened
  • โœ“ Injection scanning (strict)
  • โœ“ Action allowlists
  • โœ“ PII redaction + alerting
  • โœ“ Kill switch at threshold
๐Ÿ‘ค

Personal

Balanced protection
  • โœ“ Injection scanning (balanced)
  • โœ“ PII detection + warning
  • โœ“ Flexible action gating
  • โœ“ Lightweight audit log
๐Ÿ”’

Paranoid

Maximum lockdown
  • โœ“ Block-first, allow-second
  • โœ“ All actions require approval
  • โœ“ Zero tolerance on PII
  • โœ“ Verbose audit + alerts

--profile school ย |ย --profile enterprise ย |ย --profile personal ย |ย --profile paranoid

How It Works

Iron Dome wraps your agent's instruction pipeline. Every instruction enters, gets checked, and only clean instructions reach your agent's logic.

1

Instruction arrives

From user prompt, sub-agent, tool result, or external webhook โ€” Iron Dome intercepts it.

2

Six-layer scan

The instruction passes through all six layers in sequence. Each layer can allow, flag, quarantine, or block.

3

Decision

Clean instructions pass through. Suspicious ones get quarantined for review. Malicious ones are blocked and logged.

โœ“

Agent acts safely

Your agent only sees instructions that passed all six layers. Everything else is logged in the audit trail.

๐Ÿง  + ๐Ÿ›ก๏ธ + ๐Ÿ”ด Full Stack

Part of ShieldCortex

Iron Dome is ShieldCortex's behavioural layer. Together, they protect both what your agent remembers and what it does.

๐Ÿง 

ShieldCortex Memory

Protects what your agent stores. Persistent memory, semantic search, trust scoring, sensitivity classification, memory firewall.

Learn more about ShieldCortex โ†’
๐Ÿ”ด

Iron Dome Behaviour

Protects what your agent does. Instruction gateway, injection scanning, action gating, PII protection, kill switch, audit trail.

You are here

Works With Your Stack

Drop-in behavioural security for the tools you already use

OpenClawMoltbotClaude CodeLangChainMIT LicenceFree & Open Source

Secure Your Agent's Behaviour

Six layers of defence. One npm install. Free forever.