A user-space firewall that gates an AI agent's actions

Guardian is an open-source, locally-run firewall that sits between an AI agent and everything it can touch — files, shell commands, networks, and online services. Rather than trusting the agent, it intercepts every action at the tool-call boundary, runs it through a deterministic rule engine, and flags risky actions for human approval in plain language. Testing shows it reduced AI prompt-injection attack success rates from 100% to 0% on banking tasks.