Sphyr
Start for free

A firewall for outbound agent requests.

Policies as code. Signed requests. Receipts on every call.

Sphyr enforces cryptographic, financial, and behavioral boundaries on every request your agent makes — with p99 latency under 8ms.

Start for free $ npm i @sphyr/guard
Security checks
12
on every outbound request
p99 latency
< 8ms
target met on Cloudflare Workers edge
Threat categories
5
HMAC · SSRF · entropy · EDoS · prompt injection
Free credits
1,000
with every new account
What Sphyr enforces

Security you can show your auditor.

Four capabilities that move agent security from promise to receipt.

Prove what was blocked

Every denial is cryptographically signed with the policy that denied it. No theoretical wins — real, reproducible receipts your auditor can verify.

Stop SSRF-class attacks

Agents reach for the unexpected: metadata endpoints, private IPs, payment APIs. Sphyr enforces network, DNS, and domain policy before the request leaves.

Budget guardrails, per-agent

Spend, rate, and call-count limits enforced at the gateway — not inferred from logs. Agents hit their cap and stop. No surprise bills, ever.

Policies as code

Allowlists, rate caps, and spend budgets live beside your repo — versioned, reviewed, and deployed like any other code change. No dashboard drift.

How it works

From npm install to signed receipts in three steps.

Sphyr ships as an SDK and a gateway. Install, route, audit — no infrastructure to run.

01

Install the SDK

Add @sphyr/guard to your Node or Python app. Point it at your API key and HMAC secret.

# Node.js
npm install @sphyr/guard

# Python
pip install sphyr
02

Route outbound requests

Wrap any outbound call in guardNet. Sphyr runs the 12-phase pipeline — HMAC, SSRF, entropy, credits — before the request leaves.

const result = await guard.guardNet({
  url: "https://api.example.com/data",
  method: "GET",
  category: "api-call",
});
03

Audit every call

Every request — allowed, blocked, or flagged — lands in the admin console with the policy that decided it. Reproducible receipts for every auditor.

# Open the admin console
open https://console.sphyr.io

# Or query the usage summary
guard.usageSummary({ window: "7d" });
Pricing

Start free. Scale when you see traffic.

No credit card to start. Pay-as-you-go with prepaid credits — no recurring fees, no surprise overage.

Free Trial
$0 no card required
For trying Sphyr on a side project or proof of concept. No time limit on the grant.
  • 1,000 free requests (one-time signup grant)
  • HMAC signature verification
  • SSRF protection
  • Basic entropy scanning
  • Community support
Start for free
Prepaid Credits
$5 / pack
Prepaid top-up. No recurring fees. Credits burn oldest-first with 12-month validity.
  • $0.0001 per request
  • Everything in Free Trial
  • Credits valid for 12 months
  • Preflight / dry-run mode
  • Admin dashboard access
  • Priority support
Top up credits

Ship agents with receipts, not hope.

1,000 free requests. No credit card. p99 under 8ms. Sign up, wire the SDK, and ship.

Start for free