Arcjet Extends Runtime Security to AI Agent Workflows With New Guards Capability

New updates have been reported about Arcjet.

Arcjet has launched Guards, a new runtime security feature that embeds policy enforcement directly inside AI agent workflows, queue consumers, and other non-HTTP application code, closing gaps left by perimeter tools such as proxies and web application firewalls. The product is designed to secure long-running, agentic systems where untrusted input now flows through tool calls, external data fetches, and multi-step workflows that never cross a traditional HTTP boundary.

By allowing developers to define and enforce rules exactly where untrusted data enters the system—whether from a tool invocation, a queue message, or a workflow step—Guards moves security controls closer to application context such as identity, session state, and prior tool outputs. Arcjet CEO David Mytton said the shift reflects a world where security must “live where the code lives,” particularly for agentic architectures that lack a clear perimeter.

Guards integrates into Arcjet’s existing application-layer security model, enabling rules to be written in the same codebase as the protected feature so they travel through normal development workflows and code review, without requiring a separate policy management system. This approach is intended to reduce operational overhead, align security with software delivery practices, and ensure protection is versioned and deployed alongside application changes.

The new capability is aimed at several high-risk scenarios, including detecting prompt injection in tool outputs before they are fed back into models, blocking sensitive or personally identifiable information in tool inputs and messages before it reaches third-party AI services, and enforcing per-user token budgets or spending limits inside agent loops. Guards also supports validation of untrusted data in background jobs and other non-HTTP execution paths that are increasingly central to AI-heavy applications.

Guards is designed to complement Arcjet’s Shield for securing public endpoints, its sensitive data detection prior to model context assembly, and its bot detection for high-cost AI routes, together forming a combined perimeter-plus-execution-layer security stack. The feature is available immediately through Arcjet’s JavaScript and Python SDKs, with existing customers able to enable it at once and new users onboarding via a free trial.

For Arcjet, Guards reinforces its positioning as a runtime security provider tailored to modern, AI-driven application architectures by embedding protection wherever untrusted input is processed rather than relying on legacy network boundaries. The company, founded in 2023 and already deployed in more than 500 production applications, is backed by investors including Plural, Ott Kaukver, Andreessen Horowitz, and Seedcamp, and is likely to leverage Guards to deepen adoption among customers building complex agentic workflows that demand tighter, context-aware security controls.