A local proxy gateway that enforces policies, detects prompt injection, redacts PII, and logs every request — zero code changes required.
npm install -g @openbastion-ai/cli
The Bastion Pipeline — every request, every time
AI agents make thousands of API calls with no oversight. Sensitive data leaks into prompts. Prompt injection goes undetected. There's no audit trail, no rate limiting, no policy enforcement.
Point your ANTHROPIC_BASE_URL at Bastion and it intercepts
transparently. Declarative policies in bastion.yaml —
version-controlled, PR-reviewed. Every request logged.
Everything you need to secure AI agent traffic, out of the box.
Declarative rules in bastion.yaml. Block, warn, redact, or tag based on content patterns, injection scores, and PII detection.
Automatic failover from primary to fallback provider on 429 or 5xx errors. Zero downtime, zero code changes.
Heuristic pattern matching scores every user message for prompt injection attempts. Block above your configured threshold.
Detect and redact emails, phone numbers, SSNs, and credit cards before they reach the model. Enterprise tier adds ML detection.
Exact-match response caching with configurable TTL. Skip redundant API calls and reduce costs.
Structured JSONL logging of every request — tokens, cost, latency, policy decisions. File, stdout, or HTTP output.
Four steps. No SDK. No code changes.
Three tools. One mission. Ship AI agents you can trust.
Define and deploy agents as code
Observe and trace agent behavior
Protect and govern agent traffic