This is the documentation home for Repello AI and our runtime security product, ARGUS. Use the cards below to jump straight into the ARGUS SDK or the ARGUS API.
Repello AI builds security for the AI stack — helping teams ship AI agents and LLM-powered applications without exposing themselves to prompt injection, jailbreaks, tool abuse, data leakage, and brand-damaging output. Learn more at repello.ai.
ARGUS is real-time runtime security for agentic AI systems. Modern applications are no longer a single model call — they are workflows of orchestrators, agents, tools, MCP servers, and knowledge bases that plan, call functions, and act on their own. ARGUS sits inside that loop: it inspects the prompts, tool calls, and responses flowing between every node in the workflow, enforces your guardrail policies in real time, and traces each step so you can see exactly what your agents did and why. Integrate it through the Python SDK to instrument individual nodes in your agent graph, or call the REST API directly to scan content at any point in the workflow.
ARGUS SDK
Install the Python SDK, authenticate, and instrument your agentic workflow. Scan prompts, tool calls, and responses at each node, record trace events, and enforce policies — with the full ArgusClient reference.
ARGUS API
Call the runtime security REST API directly. Analyze any prompt or response in your agent loop over HTTP with X-API-Key authentication.
Agents act — not just answer
An agent can call tools, query databases, hit MCP servers, and chain steps autonomously. A single bad decision can exfiltrate data or take a destructive action. Guardrails have to live inside the loop, not just around the final answer.
The attack surface is every hop
Prompt injection can arrive through a retrieved document, a tool result, or another agent’s output — not only the user’s message. ARGUS inspects content at every node, so a poisoned intermediate step is caught before it propagates.
General safety APIs are black boxes
Most “moderation” services return a single boolean flag. ARGUS exposes fine-grained violation types & calibrated risk levels so you can auto-block, soft-block, rewrite, or just log — per node, per policy.
You can’t secure what you can’t see
ARGUS records trace events across your orchestrators, agents, tools, and guardrail nodes, giving you per-step observability into what each part of the workflow did and which policies fired.
Latency matters in a loop
Multi-step agents amplify per-call latency. Our P99 latency is < 80 ms consistently under heavy load, so guarding every hop doesn’t stall the agent.
Framework & vendor freedom
Works with OpenAI®, Anthropic®, Google Gemini®, Mistral®, local GGUF models, and the agent frameworks and MCP tooling built on top of them.
ARGUS models your application as a graph of typed nodes, so you can attach security to the right place in the loop:
| Node type | What it represents in your workflow |
| --- | --- |
| ORCHESTRATOR | Coordinates other nodes and drives the workflow. |
| AGENT | Performs actions or makes decisions. |
| TOOL | A specific capability or function the agent can invoke. |
| GUARDRAILS | Enforces safety and security policies. |
Tools, knowledge bases, databases, and MCP clients/servers are all first-class node subtypes. See Enumerations for the full NodeTypeEnum and NodeSubTypeEnum vocabulary.
Instrument each node in your agent graph with the SDK, or call the API at any hop in the loop. Scan inbound content — user prompts, retrieved documents, tool results, and upstream-agent outputs — to stop injections and poisoned context before an agent acts on them. Scan outbound content — agent responses, tool arguments, and final answers — to prevent data leaks, block unsafe actions, and protect brand reputation. Every check can record a trace event, so the whole workflow stays observable.
Contact us for an on-prem deployment in your Virtual Private Cloud.