Back to Blog
announcementsproduct

Shipped: Runtime Redaction and Command-Line Security

The past two weeks brought runtime redaction, a powerful CLI, URL whitelisting, and a developer experience that puts security directly in your workflow. Here's what shipped and why it matters for teams building with AI agents.

4 min read
By Alan Zabihi

Runtime Redaction Is Live

One of the most requested features is now available across our SDKs and APIs: runtime redaction.

Until now, if Superagent detected sensitive information in an input or output, you had two choices: block it entirely or let it through. That binary was limiting. Sometimes you want to let the agent continue processing, but without the sensitive data ever reaching your model or logs.

Runtime redaction solves this. When PII, credentials, or other sensitive data is detected, Superagent can now redact it on the fly — stripping the sensitive content while keeping your agent's workflow intact. The agent doesn't need to know redaction happened. It just sees sanitized inputs and outputs.

This matters for production systems where blocking everything isn't practical but logging everything is a compliance risk. Runtime redaction gives you a third option: let the agent run, but protect the data.

The feature is available now in both our Python and TypeScript SDKs. See the docs for implementation details.

Superagent CLI: Security in Your Terminal

We shipped @superagent-ai/cli — a command-line tool that brings Superagent's runtime checks directly into your development workflow.

Install it globally:

npm i -g @superagent-ai/cli

With the CLI, you can run guard checks and redact sensitive data without touching your application code. This is useful for:

  • Testing prompts locally before they reach production
  • Scanning inputs in CI/CD pipelines to catch unsafe patterns early
  • Redacting PII from logs or outputs as part of your build process
  • Integrating with tools like Claude Code hooks to guard prompts in real time

The CLI brings runtime security to the command line. If you're building agents, this should be in your toolchain.

We built an example showing how to use it with Claude Code hooks. The result: every prompt you send gets checked before it reaches the model. No code changes required.

URL Whitelisting: Stop False or Malicious Links

Agents that generate URLs introduce a new risk: they can output links to malicious sites, phishing pages, or simply incorrect URLs that break user trust.

URL whitelisting is now available in both SDKs. You can define a list of allowed domains, and Superagent will block or redact any URLs that don't match. This is especially useful for agents that:

  • Generate documentation with internal links
  • Recommend third-party tools or integrations
  • Output API endpoints or webhooks

If an agent tries to output a URL that's not on your whitelist, Superagent catches it before it reaches the user. This keeps your outputs clean, trusted, and safe.

Python SDK: URL whitelisting TypeScript SDK: URL whitelisting

SDK Improvements and Breaking Changes

We've made the SDKs more flexible and easier to use. The biggest change: replacing the redacted boolean with a mode parameter.

Before (v0.0.7):

createGuard({ redacted: false })  // analyze only
createGuard({ redacted: true })   // analyze + redact

After (v0.0.11):

createClient({ mode: "analyze" }) // analyze only (default)
createClient({ mode: "redact" })  // redact only (no API call)
createClient({ mode: "full" })    // analyze + redact

This gives you three modes instead of two:

  • analyze (default): Run guard checks without redaction
  • redact: Redact PII/PHI locally without calling the guard API
  • full: Run guard checks and redact in one pass

The redact mode is especially useful when you want to sanitize data without making an external API call — useful for offline environments or latency-sensitive flows.

We also deprecated createGuard() in favor of createClient() to better reflect the SDK's expanded capabilities. The old method still works but will be removed in a future release.

CLI Command Structure: Simpler and More Focused

The CLI also got cleaner. Instead of packing everything into the guard command with flags, we split it into two focused commands:

Before (v0.0.6):

superagent guard --mode redact "My email is john@example.com"
superagent guard --mode full "prompt"

After (v0.0.7):

superagent redact "My email is john@example.com"
superagent guard "prompt"

Each command does one thing well. guard checks for threats. redact removes sensitive data. If you want both, chain them together or use the SDK's full mode.

What This Means for Teams Building with AI

These updates reflect feedback from teams running agents in production. The common thread: security needs to fit into the workflow, not replace it.

Runtime redaction lets agents keep running while protecting data. The CLI puts security checks in pipelines and hooks. URL whitelisting stops bad links before they reach users. And the SDK improvements give you more control over how and when checks run.

None of this is theoretical. These features exist because builders asked for them — and because the risk is real. Agents that leak PII, output malicious URLs, or get hijacked by prompt injections are liabilities. These tools reduce that risk without slowing you down.

What's Next

We're not slowing down. The next set of features is already in progress, focused on deeper integrations, better observability, and more control over how agents make decisions.

If you're building with AI agents and want to see what we're working on, join our Discord or check the docs.

Runtime security isn't a nice-to-have anymore. It's how you ship agents that work and stay safe.

Alan Zabihi

Co-founder & CEO of Superagent.sh

Follow on X

Related Articles

Introducing Superagent — Defend Your AI Agents in Runtime

Today, we are proud to announce Superagent — the runtime defense platform that keeps your AI agents safe from prompt injections, malicious tool calls, and data leaks.

September 24, 20252 min read
Announcing Support for Cursor Agent and OpenCode

Every developer has preferences. Some love Claude's reasoning approach. Others prefer Cursor's interface and workflow. But you shouldn't have to compromise on security just because you prefer a certain agent. VibeKit's universal agent support provides a consistent security and observability layer that works across all your preferred agents.

August 19, 20253 min read
Introducing VibeKit CLI

Every time you run an AI coding agent, you're giving it direct access to your environment. That moment of hesitation before you let the agent execute commands? We solved that. VibeKit is the safety layer that should have existed from day one.

August 12, 20253 min read

Subscribe to our newsletter

Get notified when we publish new articles and updates.