Stop unsafe actions at the boundary
Normalize commands, apply deterministic rules, escalate ambiguity to a judge, and arbitrate before a tool call is released.
Local safety and observability proxy
ModelWarden sits between your agent and its model provider. It inspects tool calls, blocks dangerous actions, routes providers, and preserves the evidence you need to investigate an incident.
shell("rm -rf ~/.ssh")
Protected path destruction blocked before execution.
One control plane for agent operations
ModelWarden combines enforcement and investigation in one local proxy instead of splitting them across agent plugins and external telemetry services.
Normalize commands, apply deterministic rules, escalate ambiguity to a judge, and arbitrate before a tool call is released.
Track live audit events, provider health, errors, latency, cost, and alerts from the proxy that handled the request.
Follow traces and replay sessions across requests, safety stages, provider calls, and final decisions.
Use provider failover, remote wrappers, uptime and cron monitoring, SCM links, and issue workflows as deployments grow.
Product proof
The dashboard is not a decorative reporting layer. It reads the same proxy decisions and audit events that enforced the request, then connects them to provider and runtime context.
How it works
Point an OpenAI-compatible or supported provider client at the local ModelWarden endpoint.
Text continues streaming while tool calls are normalized, classified, judged when needed, and arbitrated.
Safe calls continue. Dangerous calls stop. Every result becomes searchable, tamper-evident operational evidence.
For developers
Start with heuristics, a BYO judge, provider protocol support, the local dashboard, error monitoring, and a live audit stream.
Read the quickstartFor enterprise operations
Add fleet-level visibility, remote wrappers, anomaly detection, uptime and cron monitoring, release health, and managed providers when required.
Compare Enterprise profilesStart at the execution boundary