grith.ai
Now open source

Zero Trust for AI Agents

Every AI coding agent starts with full access to your machine. grith intercepts every system call — file, network, process — and evaluates it against 10+ independent security filters before execution. Wrap any CLI tool with grith exec.

Get StartedRead the Docs
terminal
$ curl -fsSL https://grith.ai/install | sh
Syscall InterceptedCLI Supervisor10+ FiltersModel AgnosticOpen Source

AI agents have a security problem

The tools developers trust most have the weakest security foundations.

0
CVEs in AI IDEs
IDEsaster research
0%
Exploitation rate
IDEsaster research
0%
Breach alerts ignored
Verizon 2024 DBIR
0+
Exposed instances
ClawHavoc attack

Your command centre

Terminal TUI, web dashboard, or raw analytics — same telemetry, your choice of interface.

┌─ grith dashboard ────────────────────────────────────────────────┐ Today: 5 sessions$4.20 spent │ 0 blocked │ 94% allowed ├─ Cost (30d) ──────────┬─ Security ─────────────────────────────┤ ▁▂▃▂▄▅▃▂▁▂▃▄▅▆▅▄▃▂▃▄ Actions today: 142 Projected: $38/mo Files modified: 8 Budget: $50/mo (76%) Shell commands: 14 ████████████████░░░░░ Network calls: 3 Blocked: 0 Sensitive access: 0 ├─ Recent Sessions ─────┴─────────────────────────────────────────┤ # Time Project Cost Actions Allowed Status 1 14:03 grith-website $0.82 23 100% completed 2 13:15 grith $1.40 47 96% completed 3 11:30 grith-docs $0.30 8 88% completed ├─ Quality (7d) ──────────────────────────────────────────────────┤ Build success: 82% │ Retry rate: 12% │ Errors: 8% └──────────────────────────────────────────────────────────────────┘
grith analytics
Feb 10, 2026 14:03 UTCLive
Sessions today
0
+2 vs yesterday
Spend today
$0.00
−12% vs avg
Security score
0.0
Healthy
Blocked
0
Clean run
Cost Trend (7d)
MonTueWedThuFriSatSun
Decision Split
91%allowed
Allow 91%
Queue 7%
Deny 2%
Build success
82%
Retry rate
12%
Error rate
8%
Analytics deep dive
Daily cost (30d)
Jan 12Feb 10
Decision split
91%allowed
Allow
Queue
Deny
Provider split
$38monthly
Anthropic
OpenAI
Build success
82%
Retry rate
12%
Error rate
8%

How grith works

Two execution paths, one security pipeline.

Syscall Interception

Every file open, network connection, and process spawn is intercepted at the kernel boundary. Nothing executes without passing through the security proxy.

CLI Supervisor

Wrap any external tool — Claude Code, Codex, Aider — with grith exec. OS-level syscall interception routes every operation through the same security proxy.

Multi-Filter Scoring

Every tool call passes through 10+ independent security filters. A composite score determines: allow, review, or deny.

Quarantine Digest

Uncertain calls are batched for review — not one-by-one interruptions. 80-90% auto-allow, 1-5% auto-deny, the rest queued.

Every tool call, evaluated

Tool calls flow through the multi-filter security proxy — scored, routed, and logged.

Security Proxy — Live
0 calls evaluated
0evaluated
0%allowed
0%queued
0%denied
0
Allowed
0
Queued
0
Denied

See the scoring proxy in action

Every tool call is evaluated by multiple independent filters. Watch how different requests score.

Tool Call
fs.read("package.json")
Phase 1
·
Static path matching
·
Allowlist/denylist
·
Profile allowlist
·
Argument structure
Phase 2
·
Secret scanning
·
Command analysis
Phase 3
·
Destination reputation
·
Semantic context
·
Behavioural profile
·
Taint tracking
·
Rate limiting
Composite Score0.0
0allow <3queue 3–8deny >815
Evaluating filters...

What developers actually see

After every agent session, a clear summary. No digging through logs.

session summary
Session complete — 23 actions │ $0.82 │ 100% allowed
Tool calls: 23 Cost: $0.82
├─ file_read 12 Provider: Anthropic
├─ file_write 6 Model: Claude Opus
├─ shell_exec 4 Duration: 4m 23s
└─ net_request 1
Security: Quality:
├─ Allowed 23 (100%) ├─ Build success
├─ Quarantined 0 ├─ Tests passed
└─ Denied 0 └─ Errors 0

No other agent has native security

grith is the only open-source, local-first, model-agnostic agent with architectural security.

FeaturegrithClineOpen InterpreterAiderGooseClaude CodeCodex
Per-syscall interceptionCoarseContainer-level
CLI supervisor
Multi-filter scoring
Model agnostic
Local-first
Open source
Quarantine digest
Per-call security evaluation
Live web dashboard
Analytics & compliance

Get started in 30 seconds

One command. Zero configuration required.

terminal
$ curl -fsSL https://grith.ai/install | sh
View on GitHubRead the DocsEnterprise? Contact Us
Works with
Ollamallama.cppOpenAIAnthropicOpenRouter