pipelock

Pipelock is an open-source agent firewall that sits between an AI agent (with secrets) and the internet, inspecting traffic with a rules-based, multi-layer scanner pipeline. It provides three proxy modes (fetch proxy, forward proxy, and WebSocket proxy) that can block, filter, or sanitize data to prevent secret leakage and prompt-injection from reaching external services. The project emphasizes a single binary with zero runtime dependencies, and is designed to run either as a standalone binary or inside a container. To start using Pipelock, you can run it in a Docker container as shown in the Quick Start, or install it locally via Go and compile the binary. Once running, you can enable a forward proxy by configuring the forward_proxy section in the YAML config, or use the fetch proxy mode to let agents request URLs through Pipelock for content scanning. The documentation also covers TLS interception (with proper CA setup), text extraction for fetch proxy, and WebSocket frame scanning for bidirectional communication.

Prerequisites:

• Docker (recommended for quick start) or a Go toolchain if compiling locally
• Basic familiarity with editing a YAML configuration file for Pipelock

Installation options:

1. Docker (recommended for quick start)

   • Ensure Docker is installed and running
   • Pull and run the latest Pipelock container: docker run -i ghcr.io/luckypipewrench/pipelock:latest

2. Local binary (Go)

   • Ensure Go 1.20+ is installed
   • Install the Pipelock binary: go install github.com/luckyPipewrench/pipelock/cmd/pipelock@latest
   • Run the binary (adjust PATH if needed): pipelock --help

3. Prebuilt binaries / releases

   • Visit the GitHub releases page for pipelock and download the appropriate binary for your platform, then run it directly.

Configuration steps (example):

• Create a pipelock.yaml config file configuring the desired proxy mode (fetch, forward, or ws) and rules for DLP, blocklists, and URL filtering.
• Start Pipelock with the appropriate command (Docker example shown above, or run the binary with --config path/to/pipelock.yaml).

Prerequisites recap:

• Docker or a Go toolchain
• Access to the internet to pull container images or Go modules
• Basic knowledge of YAML configuration for Pipelock

Tips and common issues:

• If you enable TLS interception for the forward proxy, you must set up a CA with pipelock tls init and install-ca before clients will trust the proxy.
• For maximum protection, run Pipelock in a dedicated network path between the agent and the internet; consider using the fetch proxy mode for agents with a dedicated fetch tool.
• When using the docker-based deployment, ensure the container has appropriate network access to the agent and to the external sites being scanned.
• Regularly review the generated logs and webhook outputs for visibility into blocked requests and DLP events.
• The project emphasizes zero-secret operation; ensure no secrets are exposed to the Pipelock process itself.