GrepGuard

Run AI agents in isolated cloud sandboxes from your terminal.

How it works

  1. Install the CLI

    npm install -g grepguard

    Installs globally as a single executable.

  2. Go to Account and create an API key

    grepguard auth login

    Paste your API key when prompted to link the CLI to your account.

  3. Create a namespace

    grepguard create namespace demo

    Use a project-style name so related agent runs stay grouped together.

  4. Create a pod

    grepguard create pod test --namespace demo

    Pods are lightweight, disposable sandboxes that isolate your agents.

  5. Run your agent

    grepguard run test --agent opencode --prompt "hello" --namespace demo

    The agent runs inside the pod you created. All file operations, code changes, and commands are confined to that sandbox.

  6. Review the logs

    grepguard logs test --agent opencode --namespace demo

    Every action your agent took is recorded. Review the full logs to see what happened.

Explore all CLI commands in grepguard/clidocs.

Why GrepGuard

Isolated by default

Every run gets its own disposable cloud sandbox. Nothing your agent touches ever reaches your machine.

Built for agents, not scripts

Agents read and create files, install packages, and run shell commands you didn't ask for.

Sessions you can grep

Every sandbox leaves a structured log behind, so you can search back through exactly what an agent did.

Multiplayer by default

Every agent session is visible to your whole team. Watch runs live and inspect logs

Contact us

hello@grepguard.com