Back to Blog
AnnouncementsOctober 10, 20254 min read

Shipped: Runtime Redaction and Command-Line Security

The past two weeks brought runtime redaction, a powerful CLI, URL whitelisting, and a developer experience that puts security directly in your workflow. Here's what shipped and why it matters for teams building with AI agents.

Alan ZabihiCo-founder & CEO of Superagent.sh
Share:

Runtime Redaction Is Live

One of the most requested features is now available across our SDKs and APIs: runtime redaction.

Until now, if Superagent detected sensitive information in an input or output, you had two choices: block it entirely or let it through. That binary was limiting. Sometimes you want to let the agent continue processing, but without the sensitive data ever reaching your model or logs.

Runtime redaction solves this. When PII, credentials, or other sensitive data is detected, Superagent can now redact it on the fly — stripping the sensitive content while keeping your agent's workflow intact. The agent doesn't need to know redaction happened. It just sees sanitized inputs and outputs.

This matters for production systems where blocking everything isn't practical but logging everything is a compliance risk. Runtime redaction gives you a third option: let the agent run, but protect the data.

The feature is available now in both our Python and TypeScript SDKs. See the docs for implementation details.

Superagent CLI: Security in Your Terminal

We shipped @superagent-ai/cli — a command-line tool that brings Superagent's runtime checks directly into your development workflow.

Install it globally:

npm i -g @superagent-ai/cli

With the CLI, you can run guard checks and redact sensitive data without touching your application code. This is useful for:

  • Testing prompts locally before they reach production
  • Scanning inputs in CI/CD pipelines to catch unsafe patterns early
  • Redacting PII from logs or outputs as part of your build process
  • Integrating with tools like Claude Code hooks to guard prompts in real time

The CLI brings runtime security to the command line. If you're building agents, this should be in your toolchain.

We built an example showing how to use it with Claude Code hooks. The result: every prompt you send gets checked before it reaches the model. No code changes required.

URL Whitelisting: Stop False or Malicious Links

Agents that generate URLs introduce a new risk: they can output links to malicious sites, phishing pages, or simply incorrect URLs that break user trust.

URL whitelisting is now available in both SDKs. You can define a list of allowed domains, and Superagent will block or redact any URLs that don't match. This is especially useful for agents that:

  • Generate documentation with internal links
  • Recommend third-party tools or integrations
  • Output API endpoints or webhooks

If an agent tries to output a URL that's not on your whitelist, Superagent catches it before it reaches the user. This keeps your outputs clean, trusted, and safe.

Python SDK: URL whitelisting
TypeScript SDK: URL whitelisting

SDK Improvements and Breaking Changes

We've made the SDKs more flexible and easier to use. The biggest change: replacing the redacted boolean with a mode parameter.

Before (v0.0.7):

createGuard({ redacted: false })  // analyze only
createGuard({ redacted: true })   // analyze + redact

After (v0.0.11):

createClient({ mode: "analyze" }) // analyze only (default)
createClient({ mode: "redact" })  // redact only (no API call)
createClient({ mode: "full" })    // analyze + redact

This gives you three modes instead of two:

  • analyze (default): Run guard checks without redaction
  • redact: Redact PII/PHI locally without calling the guard API
  • full: Run guard checks and redact in one pass

The redact mode is especially useful when you want to sanitize data without making an external API call — useful for offline environments or latency-sensitive flows.

We also deprecated createGuard() in favor of createClient() to better reflect the SDK's expanded capabilities. The old method still works but will be removed in a future release.

CLI Command Structure: Simpler and More Focused

The CLI also got cleaner. Instead of packing everything into the guard command with flags, we split it into two focused commands:

Before (v0.0.6):

superagent guard --mode redact "My email is john@example.com"
superagent guard --mode full "prompt"

After (v0.0.7):

superagent redact "My email is john@example.com"
superagent guard "prompt"

Each command does one thing well. guard checks for threats. redact removes sensitive data. If you want both, chain them together or use the SDK's full mode.

What This Means for Teams Building with AI

These updates reflect feedback from teams running agents in production. The common thread: security needs to fit into the workflow, not replace it.

Runtime redaction lets agents keep running while protecting data. The CLI puts security checks in pipelines and hooks. URL whitelisting stops bad links before they reach users. And the SDK improvements give you more control over how and when checks run.

None of this is theoretical. These features exist because builders asked for them — and because the risk is real. Agents that leak PII, output malicious URLs, or get hijacked by prompt injections are liabilities. These tools reduce that risk without slowing you down.

What's Next

We're not slowing down. The next set of features is already in progress, focused on deeper integrations, better observability, and more control over how agents make decisions.

If you're building with AI agents and want to see what we're working on, join our Discord or check the docs.

Runtime security isn't a nice-to-have anymore. It's how you ship agents that work and stay safe.

Announcements

Join our newsletter

We'll share announcements and content regarding AI safety.