Sylo — The security gateway for AI agents
Sylo sits between your sandboxed agents and the APIs they call. Inject credentials, enforce policies, scan for PII, and audit everything — without giving agents your API keys.
// Your server — agent never sees the real API key
const session = await sylo.createSandboxToken({
  credentials: [{
    name: "openai",
    domain: "api.openai.com",
    header: "Authorization",
    value: `Bearer ${OPENAI_KEY}`,
  }],
  policies: { default: "deny", rules: [{ domain: "api.openai.com" }] },
});

// Launch sandbox — credentials injected transparently on the wire
const sandbox = await Sandbox.create(template, {
  envs: sylo.sandboxEnv(session),
});

Credential Injection
API keys are encrypted at rest and injected into HTTP requests by the gateway. Agents make normal API calls — Sylo replaces placeholder tokens with real credentials on the wire.
Policy Enforcement
Control exactly which domains, methods, and paths your agents can access. Default-deny with allowlists, or default-allow with blocklists. Rate limiting per domain.
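The placeholder substitution and default-deny check described above, sketched as an added example (not Sylo's own code). The `{{cred:name}}` placeholder syntax and the `methods` / `pathPrefix` rule fields are assumptions; the point it shows is that a credential is released only for the host and header it is bound to.

```javascript
// Added illustration, not Sylo's implementation. The placeholder syntax and the
// `methods` / `pathPrefix` rule fields are assumptions; sample data is constructed.
const PLACEHOLDER = /\{\{cred:([a-z0-9_-]+)\}\}/g;

const sampleSession = {
  credentials: [{ name: "openai", domain: "api.openai.com",
                  header: "Authorization", value: "Bearer sk-EXAMPLE" }],
  policies: { default: "deny",
              rules: [{ domain: "api.openai.com", methods: ["POST"], pathPrefix: "/v1/" }] },
};

// Rules are an allowlist under default "deny" and a blocklist under "allow".
function evaluatePolicy(policies, req) {
  const { hostname, pathname } = new URL(req.url); // URL() resolves ../ segments
  const hit = policies.rules.some((r) =>
    r.domain === hostname &&
    (!r.methods || r.methods.includes(req.method)) &&
    (!r.pathPrefix || pathname.startsWith(r.pathPrefix)));
  return (policies.default === "deny") === hit ? "allow" : "deny";
}

// Replace a placeholder only in the header and for the host the credential is
// bound to; a placeholder aimed anywhere else is an error, not a pass-through.
function injectCredentials(credentials, req) {
  const host = new URL(req.url).hostname;
  const headers = {};
  for (const [name, value] of Object.entries(req.headers)) {
    headers[name] = value.replace(PLACEHOLDER, (_, credName) => {
      const c = credentials.find((x) => x.name === credName);
      if (!c || c.domain !== host || c.header.toLowerCase() !== name.toLowerCase()) {
        throw new Error(`credential "${credName}" is not bound to ${host} ${name}`);
      }
      return c.value;
    });
  }
  return { ...req, headers };
}

// Policy runs first, so a denied request never touches credential material.
function gateway(session, req) {
  if (evaluatePolicy(session.policies, req) !== "allow") {
    return { decision: "deny", forwarded: null };
  }
  return { decision: "allow", forwarded: injectCredentials(session.credentials, req) };
}
```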
PII Scanning
Detect sensitive data (SSNs, credit cards, emails) in request bodies before they reach external APIs. Redact in-flight or block the request entirely.
Audit Logging
Every proxied request is logged with tenant, user, destination, policy decision, and credential used. Query by any field. Full visibility into what your agents are doing.
Bypass-Proof
Tunnel mode uses iptables to redirect all outbound TCP through the gateway. The agent can't bypass it without root access — which sandbox providers don't give.
Self-Hosted
One docker compose up on your own infrastructure. Caddy for auto-TLS, Postgres for persistence, Redis for speed. Or use the managed version.
How it works
Sylo intercepts outbound requests from sandboxed agents, injects credentials, enforces policies, and forwards to the real API.
Your Server                         Sandbox (E2B, Modal, Docker)
    │                                    │
    │  1. Create session                 │
    │     (credentials + policies)       │
    │          │                         │
    │          ▼                         │
    │     Sylo API                       │
    │     (encrypts & stores)            │
    │          │                         │
    │  2. Launch sandbox                 │
    │        └──────────────────────────▶│
    │                                    │  3. Agent makes API calls
    │                                    │          │
    │                                    │          ▼
    │                                    │     Sylo Gateway
    │                                    │     → inject credentials
    │                                    │     → enforce policies
    │                                    │     → scan PII
    │                                    │     → log audit trail
    │                                    │          │
    │                                    │          ▼
    │                                    │     Target API
    │  4. Query audit log ◀──────────────┘     (OpenAI, GitHub, etc.)

Ready to secure your agents?
Get started in under 5 minutes with the managed instance or self-host on your own infrastructure.