B
Beta
currentActive development
- PAC-based selective AI-only traffic monitoring
- Windows, macOS, and Linux support
- 370+ AI service domains monitored
Core Features
- •HTTPS proxy with selective AI traffic interception via PAC file
- •17 built-in detection patterns (API keys, secrets, credentials, PII)
- •Block, redact, warn, or log policies for detected content
- •Native desktop app with system tray for Windows, macOS, and Linux
- •Automatic CA certificate installation
- •License validation and instance binding
- •Admin dashboard with violations, policies, devices, discovery, and destinations
- •Docker deployment for team admin server
- •Stripe integration for subscriptions
- •Three operating modes: learning, warning, enforcing
- •Response inspection and entropy-based secret detection
License Enforcement & Security
- •Full-stack license enforcement: expired/revoked licenses stop proxy on admin server and all endpoint devices
- •72-hour offline grace period for admin servers that lose connectivity (persists across restarts)
- •Hourly heartbeat for license revalidation
- •Device sync includes license_valid flag - endpoints stop proxy when false
- •Seat revocation immediately stops proxy and restores system settings on the device
- •License-gated API endpoints: seat creation, enrollment, and token generation blocked when expired
- •Account deletion: cancels Stripe subscriptions, revokes licenses, removes all data
- •Instance conflict detection stops proxy on conflicting instances
Architecture
- •Proxy engine built in Rust for performance
- •Non-AI traffic is completely untouched (no inspection, no latency)
- •WebSocket passthrough support
- •Separate Individual and Team/Enterprise builds