What Aegis does
Aegis is not general-purpose security software. It is access control infrastructure specifically designed for AI agent environments.
Core capabilities
Limit disclosure
AI agents receive only the data fields their declared purpose requires. No full data dumps. No over-exposure.
Keep audit records
Every access request — allowed or denied — is logged with chain-hash integrity. Tamper-detectable. Chronologically sealed.
Govern outbound data flow
What leaves the protected boundary is controlled. Aegis determines what data an agent can carry outward and records the flow.
Protected secret handling
Secrets are encrypted at rest inside capsules. Decrypted only at the moment of use. Cleared from memory immediately after. No persistent plaintext.
Gateway-centered control
All agent access passes through the Aegis Gateway — the single trust boundary. There is no alternative path. No bypass exists by design.
Purpose-driven access
Every data request must declare a purpose. The purpose is evaluated against policy before any data is returned. No purpose, no access.
What Aegis is not
- Not a firewall
- Not an authentication provider
- Not a general security scanner
- Not an AI model — it controls what AI agents can reach
Aegis sits between agents and data, enforcing structured access control.
Component overview
Aegis Gateway
The sole trust boundary. All access requests pass through the Gateway for policy evaluation, disclosure limiting, and audit recording.
Aegis Core
The encryption engine and capsule lifecycle manager. Handles secret storage, encryption at rest, and controlled decryption at the moment of use.
Compatible runtimes
AI agent environments connect to Aegis through the Gateway. Aegis is designed to work with any compliant runtime.
OpenClaw is one example of a connectable AI agent runtime. Aegis is designed to work with any compliant runtime.