wasp
they got to your context window.
they won't get to your tools.
Trust layer for agentic AI. Block prompt injection at the gate.
The Problem
Agentic AI systems read messages from untrusted sources. Any input could contain instructions that hijack your agent. Most deployments have no filtering layer.
Trust Levels
Every contact gets a trust level. This determines what they can do.
sovereign
Full access. Can modify the whitelist. This is you.
trusted
Can trigger agent actions. Friends, family, colleagues.
limited
Agent sees the message but can't trigger dangerous actions.
blocked
Message never reaches the agent. Logged and dropped.
Quick Start
Up and running in 30 seconds.
Integration Options
Choose the integration style that fits your architecture.
Plugin
Tightest integration. Hooks directly into Moltbot's message pipeline. No network hop.
Hook
Lightweight. Observe and annotate messages as they pass through.
HTTP Sidecar
Language-agnostic REST API. For non-Moltbot systems or process isolation.
Built for Security
Pre-inference Filtering
Messages blocked before they hit your LLM's context window.
Tool-call Interception
Block dangerous tools (exec, write) for untrusted senders.
Audit Logging
Every decision logged. Full visibility into who accessed what.
Rate Limiting
100 req/min per IP. Prevents abuse of check endpoints.
Multi-platform
WhatsApp, Signal, Telegram, Discord, Slack, Email.
Session Isolation
Concurrent-safe. Each session has isolated trust state.
Ready to secure your agent?
Part of the Sandcastle Architecture — lightweight, transparent tools optimized for agentic development.