AI Governance that compounds

Your team is already using AI agents.
Guard is how you govern them.

Most governance stops at day one. Guard gets smarter every session. It learns your codebase, your team's patterns, and your risk profile over time.

Other AI governance tools want you to import an SDK and wrap every model call. Guard installs in 10 minutes. It intercepts every AI tool your team already uses: Claude Code, Cursor, Copilot, Codex.

GitHub gives the CISO a setting. ConductGuard gives them enforcement.

Free tier ยท No infrastructure changes ยท Works in minutes

Real data ยท 1 developer ยท 18 days ยท annualized

$84K/yearprojected AI spendfrom $4,170 in 18 days
$50K+potential cost per unreviewed deploy6 intercepted ยท 18 days ยท 1 developerโ†’ 1,200/year across a 10-person team
12,000/yearPII events screenedfrom 589 in 18 days
$4,700/yeartooling savingsfrom $235 in 18 days

One policy. Every AI tool.

Works where your team already codes.

Install once. ConductGuard enforces the same policy across every AI coding tool โ€” no per-tool config, no gaps.

Claude Code

hook + MCP

VS Code + Copilot

MCP

Cursor

MCP

Windsurf

MCP

# Install, sync, discover, validate

$ pip install conduct-cli

$ conduct guard sync

โ†ณ hook installed ยท MCP registered ยท policy active

$ conduct guard discover

โ†ณ Guard covers 9 of 11 agents ยท 2 uncovered (instructions shown)

$ conduct guard lint

โ†ณ 12 rules ยท no issues ยท policy is valid

Also discoverable via the MCP Registry โ€” install directly from VS Code or any MCP-compatible client.

The enforcement layer

Whatever your team runs in Claude, Guard sits in front of it.

Teams are building operating systems inside Claude โ€” deal desks, security audits, engineering autopilots. The prompts are good. The reviewer is a suggestion.

ConductGuard is structural enforcement. Policies are evaluated against real rules, not prompt instructions. A block exits with code 2 โ€” Claude stops. The audit trail is in your dashboard, not the chat history.

See how Guard enforces โ†’
โœ•

Prompt-based reviewer

Model can ignore it or hallucinate compliance

โœ“

ConductGuard policy

Evaluated against real rule set โ€” block exits with code 2

โœ•

Chat history audit

No structured search, no team visibility

โœ“

Conduct audit log

Every run, every block, every output โ€” searchable

โœ•

Spend as an afterthought

You see the bill at end of month

โœ“

Guard spend limits

Hard stops per user, per project, enforced in real time

Guard Proxy

One env var. Enforcement on every LLM call.

Point your AI tools at the Guard Proxy instead of Anthropic or OpenAI. Policies apply before the request forwards. Nothing changes in your code.

Before

ANTHROPIC_BASE_URL=https://api.anthropic.com

OPENAI_BASE_URL=https://api.openai.com/v1

After

ANTHROPIC_BASE_URL=https://api.conductai.ai/proxy/anthropic

OPENAI_BASE_URL=https://api.conductai.ai/proxy/openai/v1

Or run conduct guard sync to apply automatically.

๐Ÿ›ก๏ธ

Policies enforced before forwarding

Block secret leaks, restrict models, cap spend โ€” evaluated against your workspace rules before the request ever reaches the provider.

๐Ÿ”€

Route through your own gateway

Set Portkey, Helicone, LiteLLM, or Azure OpenAI as upstream. Guard sits in front and applies policies regardless of where traffic ends up.

๐Ÿ“‹

Every call in your audit trail

Developer, tool, model, prompt summary, decision, cost โ€” all in Guard Activity alongside your hook-layer events.

Why Guard Proxy

Observe or enforce โ€” pick one. Unless you use Guard.

Portkey and Helicone sit beside the call and observe. Guard sits in front and can stop it. Set an LLM upstream in Proxy Settings to keep Portkey's routing with Guard's enforcement on top.

Direct LLMPortkey / HeliconeGuard ProxyGuard + BYO
LLM calls reach the modelโœ“โœ“โœ“โœ“
Observability / loggingโ€”โœ“โœ“โœ“
Cost trackingโ€”By API keyBy agentBy agent
Policy enforcement (block / warn)โ€”โ€”โœ“โœ“
Blocks the call before it sendsโ€”โ€”โœ“โœ“
Agent identity on every callโ€”โ€”โœ“โœ“
Audit trail tied to run + workflowโ€”โ€”โœ“โœ“
Spend budget per agent / workflowโ€”โ€”โœ“โœ“
Custom routing / cachingโ€”โœ“โœ“โœ“

Custom routing in Guard Proxy: set any LLM upstream (Portkey, LiteLLM, Azure OpenAI) in Settings โ†’ Proxy.

GitHub Copilot Enterprise

One API key. Every developer covered.

GitHub Copilot for Business supports hosted MCP servers. Add the ConductGuard URL to your org settings once โ€” every developer in your org gets policy enforcement automatically. No CLI install. No per-developer setup.

โœ“ Admin generates one API key from Settings
โœ“ Paste URL into GitHub org MCP settings
โœ“ All developers get Guard enforcement on next Copilot session
โœ“ Full audit trail in the Conduct dashboard

MCP server URL

https://api.conductai.ai/guard/mcp

Authorization header

Authorization: Bearer cond_live_xxx

Generate from conductai.ai โ†’ Settings โ†’ API Keys

Works with GitHub Copilot for Business, Cursor, Windsurf, and any MCP-compatible AI tool.

Month 1

You didn't know what AI was doing. Now you do.

Within 10 minutes of install, you see every AI tool your team is running, what it's spending, and what it's doing. No manual registration. No config changes.

๐Ÿ”

Shadow AI discovered in seconds

conduct guard discover scans your machine and shows coverage instantly โ€” "Guard covers 9 of 11 agents." Every uncovered tool gets step-by-step remediation instructions.

๐Ÿ’ธ

Spend by developer, by day, by tool

No more waiting for the invoice. See exactly where AI budget is going in real time.

๐Ÿ“‹

Full audit trail from day one

Every tool call logged with decision, developer identity, and timestamp. One place, always current.

โœ…

Validate policy before it hits prod

conduct guard lint checks every rule locally โ€” unique IDs, valid regexes, correct actions. Ship with confidence, not a prayer.

Month 3

It caught things your team would never have seen.

Policies enforced at the tool layer, not in a doc. At the moment the agent runs, not the morning after.

BLOCKEDapprove-prod-deploy

Force-deploy to production, intercepted

AI attempted vercel deploy --prod --force at 3:11pm on a Friday. Guard blocked it before it executed.

BLOCKEDno-secret-in-commit-msg

Secret embedded in git commit, caught

AI tried to commit code with a credential token in the commit message. Fired twice in the same session.

WARNEDpii-redact

971 PII events in a single day

Jun 19 spiked 30ร— the 32/day baseline. Without Guard, every one of those calls would have sent raw credentials to an LLM.

What would've happened without Guard?

The production deploy would have executed. Average cost of a prod incident at a mid-market company: $15Kโ€“$50K. $235 saved on tooling is nice. $50K in a prevented outage is a different conversation.

Start Free

Month 6โ€“12

Guard learns as it runs. Every session makes the next one more accurate for your team.

Two memory systems work together. One knows your codebase. One knows your team. No other governance tool has either.

๐Ÿง Playbook LayerContextual Memory

Per-workflow, per-repo. Every agent template reads what worked before it acts, then writes what it learned when it finishes.

  • Knows which files are fragile. Run 1 explores. Run 10 goes straight to the right file.
  • Avoids repeating past mistakes. If a fix caused a regression last time, the agent knows.
  • Compounds across every run. A workflow that has run 50 times on your repo is more valuable than a fresh install anywhere else.

How it works

Before every run โ†’ reads prior outcomes. After every run โ†’ writes what happened.

๐Ÿ‘ฅCLI LayerTeam Session Memory

Per-developer, across every AI tool. The CLI hook captures sessions passively. Zero extra effort from your team.

  • Knows how each developer works. Sarah always requires tests. The security lead flags credential exposure.
  • Captured across all AI tools. One CLI hook. Every session adds to the team's shared context.
  • The agent behaves like a team member. Not a contractor who just showed up. An engineer who's been here for months.

How it works

conduct login installs a hook. Each session is captured silently. Patterns accumulate. Templates draw on this automatically.

An agent that knows your codebase and your team.

No other automation tool has either. GitHub Actions has zero memory. Copilot has no team context. Conduct compounds both: silently, continuously, from day one.

Start Free

Your team is already using AI agents.
Guard is how you govern them.

One platform. Two problems solved.

Free tier ยท No infrastructure changes ยท Works in minutes

ConductAI: Runtime AI Governance for Engineering Teams