Documentation

Security infrastructure for AI agents.

What is Gliard?

Gliard is a professional-grade security suite designed to audit and protect autonomous AI agents. As agents transition from simple chat interfaces to systems with executive power (browsing, file access, API calls), the threat surface expands exponentially.

Traditional static analysis tools fail to capture the nondeterministic nature of LLM interactions. Gliard bridges this gap by combining deterministic logic scanning with live adversary simulation.

The Gliard Principle: Security for AI agents must be deterministic. We do not use LLMs to audit LLMs. We use rule-based AST analysis and verified exploit traces.
100% Local Execution: Gliard runs entirely on your local machine. Absolutely zero code, data, or audit results are sent to the cloud. Your intellectual property never leaves your secure environment.

Visual Tour

Get a glimpse of the Gliard suite in action, from the sleek terminal startup to the comprehensive audit reports.

[Screenshots: Gliard Terminal Startup; CLI Analysis and Progress Reporting; Gliard Terminal Report; Detailed Technical Audit Report; Board-ready Executive PDF Reporting; Developer Remediation Strategy Guide]
Real-World Verification: The screenshots above represent an audit executed on a genuine, locally built AI agent. This is not a simulated mock-up. It is a real-world Gliard GUARD test demonstrating our deterministic logic scanning in action.

The Gliard Suite

9 EUR / Month - Download via LemonSqueezy

Gliard is distributed as a single, comprehensive package containing the Core framework, the powerful Guard logic scanners, and our experimental Sentinel adversary engine.

The Power of Guard: The absolute core strength of Gliard lies in the Guard engine. It provides deep AST logic analysis, robust reporting, EU AI Act compliance mapping, and over 20 deterministic scanners. It is the highly stable foundation that produces actionable insights for both developers and management.

Installation

Gliard does not require a PyPI installation. The entire suite is downloaded directly to your secure environment.

1. Download
Purchase and download the Gliard archive from LemonSqueezy.

2. Extract
Unzip the archive to your preferred directory.
cd gliard-suite

3. Install Dependencies
Install the required third-party Python libraries (e.g., requests, rich, fpdf).
pip install -r requirements.txt

Running your audit

Scan a local agent directory to identify immediate security gaps. Gliard identifies the agent structure automatically.

python main.py /path/to/your/agent --output audit_report --format pdf

The scanner will output a technical summary to the console and generate a detailed report in the ./reports directory.

Advanced Scanners

The suite features our full set of specialized scanners, including:

prompt_injection

Detects latent space vulnerabilities where untrusted data can hijack agent intent.

excessive_agency

Identifies tool-call permissions that exceed the necessary scope for the agent task.

mcp_configuration

Audits Model Context Protocol server configurations for insecure resource access.

secret_exfiltration

Maps environment variable flows to prevent leaking API keys through the LLM context.

Sentinel Engine (beta)

Sentinel is our experimental Adversary Simulation Engine. While the Guard engine deterministically analyzes your code, Sentinel goes a step further and attempts a live exploit in a controlled environment. Because LLMs are highly unpredictable, Sentinel is currently in Beta. We are constantly updating its payloads, response parsers, and marker systems to handle new edge cases and reduce false positives.

RCE and Exploit Verification

When Gliard finds a potential Remote Code Execution (RCE) vector via a tool call, Sentinel will simulate the attack. If successful, it delivers a Verified Exploit Trace.

[ SENTINEL ] Verifying RCE exploit...
Target: tool_call.subprocess_run
Payload: "cat /etc/passwd"
Status: EXPLOIT VERIFIED
Trace: File content exfiltrated to adversary sink.
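
A deterministic AST rule of the kind that can flag a tool-call RCE vector such as the subprocess_run target above, before any live verification. This is an added example, not Gliard's own code: the sample agent source, the sink list and the function names are constructed for illustration.

```python
import ast

# Constructed sample agent source (hypothetical tools, not from a real project).
SAMPLE_AGENT = '''
import subprocess

def subprocess_run(command):
    """Tool exposed to the model: runs whatever string it is given."""
    return subprocess.run(command, shell=True, capture_output=True).stdout

def list_reports():
    """Fixed argv: no caller-controlled value reaches the command."""
    return subprocess.run(["ls", "reports"], capture_output=True).stdout

def grep_logs(pattern):
    cmd = "grep " + pattern + " app.log"
    return subprocess.run(cmd, shell=True)
'''

# Command-execution sinks the rule looks for, as (module, attribute) pairs.
SINKS = {("subprocess", "run"), ("subprocess", "Popen"), ("os", "system")}

def _names(node):
    # Every identifier referenced anywhere inside an expression.
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}

def find_tool_rce_vectors(source):
    """Return (function, sink, line) where a function parameter reaches a sink."""
    findings = []
    for fn in ast.walk(ast.parse(source)):
        if not isinstance(fn, ast.FunctionDef):
            continue
        tainted = {a.arg for a in fn.args.args}  # parameters are caller-controlled
        while True:  # propagate through local assignments to a fixed point
            new = {t.id for n in ast.walk(fn) if isinstance(n, ast.Assign)
                   and _names(n.value) & tainted
                   for t in n.targets if isinstance(t, ast.Name)} - tainted
            if not new:
                break
            tainted |= new
        for node in ast.walk(fn):
            f = getattr(node, "func", None)
            if (isinstance(node, ast.Call) and isinstance(f, ast.Attribute)
                    and isinstance(f.value, ast.Name) and (f.value.id, f.attr) in SINKS):
                inputs = node.args + [k.value for k in node.keywords]
                if any(_names(a) & tainted for a in inputs):
                    findings.append((fn.name, f"{f.value.id}.{f.attr}", node.lineno))
    return findings

if __name__ == "__main__":
    print(find_tool_rce_vectors(SAMPLE_AGENT))
```

The rule reports subprocess_run and grep_logs, where a parameter reaches the command, and leaves list_reports alone because its argv is fixed. The same input always yields the same findings.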

EU AI Act Mapping

Gliard helps your legal team by providing technical evidence for regulatory compliance. Every finding is mapped to specific articles of the EU AI Act.

Executive Reporting

Technical vulnerabilities mean nothing without management buy-in. Gliard generates board-ready reports automatically.