Open-source, on-device guardrails for AI coding agents. A thin local layer between people and the AI coding agents they run — Claude Code, Codex, GitHub Copilot CLI. Every prompt is reviewed locally, before it reaches the agent: coach, alert, or block by policy. Content never leaves the machine; security teams get redacted, content-free signals — governance without surveillance.
CuraIQ sits between people and the AI coding agents they run. Every prompt is checked locally against policy first — and the actual prompts and conversations never leave the machine.
Lakera Guard and Prompt Security are cloud/gateway-based — prompts are sent to their service for analysis. CuraIQ reviews prompts on the device, so content never leaves the machine, and it wraps the coding agents you already run. See the honest, architecture-level head-to-head.
CuraIQ's threat model and reports line up with the AI-security standards enterprise teams already use — so “how do you govern AI use?” has an evidenced answer, drawn from redacted, content-free telemetry.
Most AI use at work runs through personal accounts and tools security never approved. CuraIQ inventories the AI on each device — the apps, accounts, agents, and extensions — from redacted, content-free signals, so shadow AI stops being a blind spot.
CuraIQ reviews each prompt where it's typed, decides what to do, and reports only redacted metadata upstream.
CuraIQ is governance without surveillance. Prompts and conversations are reviewed on the device and never leave the machine; security teams receive only redacted, content-free signals — a category, a risk level, and a one-way hash. It's a guardrail for the AI coding agents your organization runs, not a window into what people type.
A local agent that reviews prompts where they're written, and a separate console for the fleet.
CuraIQ is on-device guardrails for AI coding agents. It's a thin local layer between people and the AI coding agents they run — Claude Code, Codex, GitHub Copilot CLI. Every prompt is reviewed locally, before it reaches the agent, and CuraIQ can coach, alert, or block by policy. The community agent is open source under AGPL-3.0.
Three steps. First, the prompt is reviewed on the device — checked locally against policy, a 40+ threat matrix plus content rules — and the content never leaves the machine. Second, CuraIQ coaches, alerts, or blocks, per policy, per tenant, per device. Third, a central web console shows posture, device inventory, alerts, and compliance, built from redacted metadata only.
Redacted, content-free signals — a category, a risk level, and a one-way hash — never the actual prompts or conversations. The console gives teams posture and compliance without exposing what anyone typed.
CuraIQ is designed to sit in front of the AI coding agents teams already use, including Claude Code, Codex, and GitHub Copilot CLI.
No. Review happens on the device, and content never leaves the machine. That's the key difference from cloud DLP: CuraIQ keeps the actual prompts and conversations local, and only redacted metadata is shared upstream.
The community agent runs standalone with local policy control and no account required — it's open source under AGPL-3.0, for macOS (Rust + a Tauri native host and webview detection core). Centralized fleet management — a multi-tenant console, SSO, and compliance reporting — is a separate, proprietary CuraIQ management server.
The community agent is open source under AGPL-3.0 and runs standalone with no account required. The code is on GitHub. The centralized management server is a separate, proprietary product.
Coach, alert, or block — before the prompt reaches the agent.