Documentation
Everything you need to instrument, monitor, and govern your AI agents. The API base URL is https://api.mastguard.io.
What is MastGuard
MastGuard is the governance, security, and compliance layer for AI agents. It records every action your agents take, detects failures in real time, routes high-risk decisions to human reviewers, keeps a tamper-proof audit log, and generates regulatory compliance reports.
It does six things:
- Real-time agent monitoring, with SHA-256 chained, append-only audit logs.
- MAST failure detection (Memory, Action, Space, Time) for prompt injection, scope violations, and attack chains.
- Human-in-the-Loop review for high-risk decisions.
- Automated GDPR, HIPAA, EU AI Act, and SOX reports.
- RedScan adversarial red-teaming with an AI Risk Score.
- ProvenanceGuard poisoned-data detection and AI-BOM generation.
Quick Start
You can have your first agent governed in about five minutes. Install the AgentShield SDK:
npm install @auxdynamics/mastguard-agent-sdk
Wrap your model client. Every call is now scored, logged, and forwarded:
import OpenAI from "openai"
import { wrapOpenAI } from "@auxdynamics/mastguard-agent-sdk"
const openai = wrapOpenAI(new OpenAI(), {
  apiKey: "mg_live_your_key_here",
})
const response = await openai.chat.completions.create({
  model: "gpt-4o",
  messages: [{ role: "user", content: "Summarize this patient note." }],
})
That is it. Open your dashboard and you will see the action appear in the governance feed. Create your API keys at /dashboard/developer.
Authentication
MastGuard authenticates SDK and API requests with an API key. Keys use the format mg_live_... and are passed in the X-API-Key header.
curl https://api.mastguard.io/api/v1/governance/agents \
  -H "X-API-Key: mg_live_your_key_here"
- Create and revoke keys from the dashboard Developer page at /dashboard/developer.
- Keys are scoped to your organization. Every request is tenant-isolated by the key.
- Treat keys like passwords. Never commit them or expose them in client-side code.
Your First Agent
An agent is any system you instrument. Give it a stable agentId so its events group together over time. With the AgentShield SDK, wrapping the model client is enough to register activity. To send a structured governance event directly, use the compliance SDK:
import { MastGuardClient } from "@auxdynamics/mastguard-sdk"
const mg = new MastGuardClient({ apiKey: "mg_live_your_key_here" })
const decision = await mg.governance.ingest({
  agentId: "billing-assistant",
  action: "send_email",
  metadata: { recipient: "customer@example.com" },
})
console.log(decision.value) // ALLOW | BLOCK | HITL | ALERT
Agent Events
An agent event is a structured record of one action: what the agent did, what data it touched, and what it decided. Events are the unit MastGuard scores, stores, and reports on. They are written to the agent_events table, which is append-only. Events are never updated or deleted.
Each event flows through the governance pipeline and returns a decision with one of four values:
- ALLOW: the action passed all policies.
- BLOCK: the action violated a policy and was stopped.
- HITL: the action was routed to a human reviewer.
- ALERT: the action proceeded but was flagged for review.
MAST Failure Taxonomy
MastGuard classifies agent failures using the MAST taxonomy from UC Berkeley research presented at NeurIPS 2025. There are four categories:
Memory
The agent uses stale, incorrect, or injected context. This is where prompt injection and context poisoning show up.
Action
The agent takes an action outside its permitted scope, such as calling a tool it was never granted.
Space
The agent operates on resources it should not access, such as records belonging to another tenant or user.
Time
The agent enters loops, delays, or timeout conditions, such as repeating a step it already completed.
Policies
A policy is a rule that decides how an event is handled. Policies can allow an action, block it, route it to a human, or raise an alert. They are evaluated per event and scoped to your organization.
The Free plan includes 5 policy rules. Pro and Enterprise include unlimited rules. Manage policies from the dashboard Policies page.
Human-in-the-Loop
Human-in-the-Loop (HITL) pauses a high-risk action and routes it to a reviewer before the agent acts. You decide which actions require review through policy. Reviewers approve, reject, or escalate from a queue, and every decision is written to the append-only hitl_decisions table with a timestamp.
The full HITL workflow is available on Pro and Enterprise.
Audit Logs
Every event, decision, and review is recorded in a tamper-proof audit log. Records are SHA-256 chained, so any change to a past record breaks the chain and is detectable. The tables (agent_events, hitl_decisions, audit_records, policy_violations) are append-only.
Retention depends on your plan: 7 days on Free, 90 days on Pro, and up to 7 years on Enterprise.
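How a SHA-256 chain makes edits to past records detectable, as an added example that is not MastGuard's code. The record fields, the genesis value, the hash layout, and the function names are assumptions, and the sample events are constructed.

```javascript
// Added example: SHA-256 hash chain over constructed audit records.
// Field names and hash layout are assumptions, not MastGuard's schema.
const { createHash } = require("node:crypto")

const GENESIS = "0".repeat(64) // assumed prevHash for the first record

// Hash = SHA-256(prevHash + "\n" + payload with top-level keys sorted).
function recordHash(prevHash, payload) {
  const canonical = JSON.stringify(Object.keys(payload).sort().map((k) => [k, payload[k]]))
  return createHash("sha256").update(prevHash + "\n" + canonical).digest("hex")
}

function appendRecord(chain, payload) {
  const prevHash = chain.length ? chain[chain.length - 1].hash : GENESIS
  return [...chain, { payload, prevHash, hash: recordHash(prevHash, payload) }]
}

// Walks the chain and reports the first broken record. trustedHead (optional)
// is the latest hash kept outside the log; it catches removal of the newest records.
function verifyChain(chain, trustedHead) {
  let prev = GENESIS
  for (let i = 0; i < chain.length; i++) {
    const r = chain[i]
    if (r.prevHash !== prev) return { ok: false, index: i, reason: "prev-hash mismatch" }
    if (recordHash(prev, r.payload) !== r.hash) return { ok: false, index: i, reason: "content mismatch" }
    prev = r.hash
  }
  if (trustedHead !== undefined && prev !== trustedHead) {
    return { ok: false, index: chain.length, reason: "head mismatch" }
  }
  return { ok: true }
}

// Constructed sample events (not real MastGuard records).
function sampleChain() {
  const events = [
    { agentId: "billing-assistant", action: "send_email", decision: "ALLOW" },
    { agentId: "billing-assistant", action: "issue_refund", decision: "HITL" },
    { agentId: "billing-assistant", action: "export_records", decision: "BLOCK" },
  ]
  return events.reduce(appendRecord, [])
}
```

Editing a record and recomputing its own hash only moves the break to the next record. Dropping the newest records leaves a valid shorter chain, so the head hash has to be compared against a copy held elsewhere.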
Compliance SDK
Package: @auxdynamics/mastguard-sdk (v0.1.1). The compliance SDK is for sending governance events, managing agents, working with HITL, and reading billing usage. Authentication is the X-API-Key header.
import { MastGuardClient } from "@auxdynamics/mastguard-sdk"
const mg = new MastGuardClient({ apiKey: "mg_live_your_key_here" })
// Ingest a governance event
await mg.governance.ingest({ agentId: "agent-1", action: "approve_claim" })
// List agents
const agents = await mg.agents.list()
// Read billing usage
const usage = await mg.billing.usage()
Exports include MastGuardClient, GovernanceResource, HITLResource, AgentsResource, BillingResource, MastGuardWebhooks / WebhookResource, and nine typed error classes. Decision values are ALLOW, BLOCK, HITL, and ALERT.
AgentShield SDK
Package: @auxdynamics/mastguard-agent-sdk (v0.1.1). AgentShield protects live model calls. It wraps OpenAI, Anthropic, and Azure OpenAI so every call is scored and logged.
import Anthropic from "@anthropic-ai/sdk"
import { wrapAnthropic } from "@auxdynamics/mastguard-agent-sdk"
const anthropic = wrapAnthropic(new Anthropic(), {
  apiKey: "mg_live_your_key_here",
})
// Blocked calls throw MastGuardBlockedError
const message = await anthropic.messages.create({
  model: "claude-sonnet-4-6",
  max_tokens: 512,
  messages: [{ role: "user", content: "..." }],
})
Exports include MastGuardShield (shield.protect()), ThreatDetector (5-layer detection), AuditLogger (SHA-256 chain), PolicyEngine, SessionTracker, the interceptors wrapOpenAI, wrapAnthropic, and wrapAzureOpenAI, and MastGuardBlockedError.
Webhooks
Webhooks notify your systems when governance events occur, for example when an action is routed to HITL or a policy is violated. Webhook requests do not use JWT auth. They are verified with a webhook secret and the org_id from the path.
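A secret-based webhook check written out by hand, as an added example that is not MastGuard's code. It assumes the signature header carries a hex HMAC-SHA256 of the raw request body, which this page does not specify; the names sign and verifyWebhook and the sample event are hypothetical.

```javascript
// Added example: authenticate a webhook's raw bytes before parsing them.
// ASSUMPTION: signature = hex HMAC-SHA256(secret, rawBody). MastGuard's actual
// signature scheme is not documented on this page.
const { createHmac, timingSafeEqual } = require("node:crypto")

function sign(secret, rawBody) {
  return createHmac("sha256", secret).update(rawBody).digest("hex")
}

// Returns the parsed event, or throws if the signature does not match.
function verifyWebhook(secret, rawBody, signatureHeader) {
  const expected = Buffer.from(sign(secret, rawBody), "hex")
  // Missing or malformed headers decode to a short buffer and are rejected below.
  const given = Buffer.from(String(signatureHeader || ""), "hex")
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new Error("webhook signature mismatch")
  }
  // Parse only after the exact bytes received have been authenticated.
  return JSON.parse(rawBody)
}

// Constructed sample delivery (event shape is illustrative only).
function sampleDelivery() {
  const secret = "whsec_constructed_example"
  const rawBody = '{"type":"hitl.requested","agentId":"billing-assistant"}'
  return { secret, rawBody, signature: sign(secret, rawBody) }
}
```

The check runs over the bytes as received: a body that was parsed and re-serialized by middleware no longer matches the signature, even when the JSON is semantically identical.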
import { MastGuardWebhooks } from "@auxdynamics/mastguard-sdk"
const webhooks = new MastGuardWebhooks({ secret: "whsec_your_secret" })
// Verify and parse an incoming webhook
const event = webhooks.verify(rawBody, signatureHeader)
RedScan
RedScan is automated AI red-teaming. It runs 468 adversarial test cases against your agent, drawn from the AgentHarm benchmark and driven by the Boundary Point Jailbreaking (BPJ) engine. The cases cover prompt injection, jailbreaks, and boundary violations.
The AI Risk Score
RedScan produces an AI Risk Score from 0 to 100. A higher score means lower risk. The score is mapped to NIST AI RMF tiers and aligned to ISO 42001 and the EU AI Act, so you can place a result against a recognized framework.
The PDF report
On Pro and Enterprise, RedScan generates a board-ready PDF that lists each finding, its severity, and the framework it maps to. Use it to brief leadership or hand to an auditor.
Plan limits
- Free: 1 scan per month, AI Risk Score only (no PDF).
- Pro: 10 scans per month with full PDF report.
- Enterprise: unlimited.
Need more than your monthly quota? Buy scan credits (see Scan Credits below).
ProvenanceGuard
ProvenanceGuard detects poisoned training data. It uses absolute-count cluster analysis rather than percentages, because research (arXiv:2510.07192) shows that roughly 250 poisoned documents can compromise a model regardless of dataset size.
AI-BOM
For each dataset, ProvenanceGuard generates an AI Bill of Materials (AI-BOM): a structured record of what went into a training set. This supports EU AI Act Article 11 technical documentation requirements.
Plan limits
- Free: not available (coming soon).
- Pro: 5 scans per month.
- Enterprise: unlimited.
Threat Intelligence
The Threat Intelligence Network aggregates anonymized attack patterns across customers into shared threat signatures, so an attack seen against one agent can warn others. It is opt-in.
The network never carries customer-identifying data. Threat intelligence events have no organization, session, agent, or user identifiers. The Threat Intelligence feed is available on Pro (opt-in) and Enterprise, which also gets private signatures and SIEM export.
Compliance Reports
MastGuard generates compliance reports directly from your audit data. Pick a framework and a date range, and export a PDF formatted for the controls an auditor expects.
- Free and Pro: GDPR and SOX reports.
- Enterprise: all frameworks, including HIPAA, EU AI Act, and MiFID II.
HIPAA reporting is part of the Enterprise HIPAA tier, which includes a Business Associate Agreement on request.
Plan Limits
There are three plans, with no trial tier. The Free plan is permanent, with no expiry and no credit card.
Annual Pro billing saves 17% versus monthly. Contact info@auxdynamics.com for Enterprise.
Scan Credits
Scan credits are a prepaid add-on for RedScan and ProvenanceGuard, separate from your plan quota. They cover scans beyond your monthly allowance. Credits roll over and never reset.
Buy credits from the dashboard Billing page. A monthly quota is consumed first; credits are only drawn down once the included allowance is used.
Upgrading and Downgrading
Plan changes are self-serve from the dashboard Billing page (organization Owner only).
- Free to Pro: start a checkout and your plan activates on payment.
- Switch between monthly and annual Pro at any time.
- Downgrade to Free: takes effect immediately, and your organization falls back to Free limits with no expiry.
- Enterprise: governed by your contract. Contact info@auxdynamics.com.
FAQ
Do I need a credit card to start?
No. The Free plan is $0 per month, permanent, and requires no credit card.
Which models does the AgentShield SDK support?
OpenAI, Anthropic, and Azure OpenAI, through wrapOpenAI, wrapAnthropic, and wrapAzureOpenAI.
Is there a Python SDK?
Not yet. A Python SDK is coming soon. Today you can use the TypeScript SDKs or call the REST API directly.
What does a decision value mean?
A governance decision is one of ALLOW, BLOCK, HITL, or ALERT. They map to allowing the action, stopping it, routing it to a human, or flagging it.
How is my data protected?
Data is encrypted in transit and at rest, stored on Microsoft Azure in Canada or US East regions, and audit logs are tamper-proof and append-only. We do not use your agent event data to train AI models.
How many events does each plan include?
Free includes 50,000 events per month. Pro includes 2,000,000 per month, then meters overage. Enterprise is unlimited.
What happens when I hit my event limit on Free?
Free is hard-capped at 50,000 AgentShield events per month. Beyond that, requests are rejected until the counter resets at the start of the next month. Upgrade to Pro for 2,000,000 events plus metered overage.
How long are audit logs retained?
7 days on Free, 90 days on Pro, and up to 7 years on Enterprise.
Can I get a HIPAA Business Associate Agreement?
Yes, on the Enterprise plan. Email info@auxdynamics.com. Do not store PHI on Free or Pro without a signed BAA.
What does RedScan actually test?
468 adversarial test cases covering prompt injection, jailbreaks, and boundary violations, drawn from the AgentHarm benchmark and driven by the BPJ engine.
Do scan credits expire?
No. Scan credits roll over and never reset. They are consumed only after your monthly RedScan or ProvenanceGuard allowance is used.
Where do I create API keys?
On the dashboard Developer page at /dashboard/developer. Keys use the format mg_live_... and go in the X-API-Key header.