The Agent Action Firewall
Deploy agents to production. Your data is truly protected.|
Espada is an infrastructure agent that runs inside your
network — and the gate that lets Claude, GPT-4, or your own
agents run terraform plan,
kubectl apply, aws deploy in your
real cloud. Hardware-key signature on destructive change.
One self-hosted binary. Zero outbound.
§ 01 · The Agent Action Firewall
Three steps.
Every tool call. Every time.
This is what Espada calls the Agent Action Firewall — a single self-hosted binary that sits in front of your AI agent's outbound calls. The gate runs the same three steps on every action, whether the agent wants to write a file, deploy a container, or destroy your production VPC.
- 01
Intercept
Your AI agent — Claude, GPT, Gemini, your own — tries to run a tool call. Espada catches it at the gateway, before a single packet reaches your cloud control plane.
Example
claude code → terraform apply → ESPADA - 02
Resolve
We do not trust the arguments. We ask the cloud what will actually happen — and surface every consequence in plain text: resources destroyed, IAM widened, networks opened, cost lost.
Example
41 destroys · 0 creates · 2 modifies · $48,200/mo lost - 03
Sign or block
Destructive change waits on a human with a hardware key. Auto-approval is structurally impossible. Every decision — approve, block, sign — is hash-chained and signed into an audit log on your hardware.
Example
Press y to sign with YubiKey · n to block · r to re-plan
Step 02 is the part most security tools skip. Prompt classifiers ask whether the input looks dangerous; we ask the cloud what the action will actually do. The argument string never decides what gets destroyed — the cloud's own plan does.
Ready when you are.
One binary. One install. One hour to your first signed action.