Skip to main content
RAXE Logo

What is RAXE?

RAXE is an on-device ML security engine for AI agents. It provides think-time protection — real-time threat detection during agent inference, before action execution. 100% local processing. Zero cloud.

Quick Start

Protect your first agent in 60 seconds

Agent Frameworks

LangChain, CrewAI, AutoGen, LlamaIndex + more

Detection Engine

5-head ML ensemble + 514 rules

Agentic Security

Goal hijack, memory poisoning, tool chain validation

CLI Reference

Scan from the command line

Why AI Agents Need Runtime Security

AI agents aren’t just LLMs — they’re autonomous systems that:
CapabilityRisk
Execute toolsShell, APIs, databases at machine speed
Maintain memoryPersistent state vulnerable to poisoning
CoordinateMulti-agent workflows propagate attacks
Act autonomouslySeconds from compromise to action
Training-time safety isn’t enough:
  • Static guardrails don’t adapt to novel attacks
  • Indirect injection bypasses input filters
  • Multi-step agent workflows evade single-turn detection
RAXE provides think-time security — real-time threat detection during agent inference, before action execution.

Agent Framework Support

RAXE integrates natively with leading agent frameworks:
FrameworkHandlerWhat RAXE Protects
LangChainRaxeCallbackHandlerChains, agents, tools, memory
CrewAIRaxeCrewGuardMulti-agent crews, task handoffs
AutoGenRaxeConversationGuardConversational agents, functions
LlamaIndexRaxeAgentCallbackReAct agents, RAG retrieval
LiteLLMRaxeLiteLLMCallback100+ LLM providers
DSPyRaxeDSPyCallbackProgrammatic modules
PortkeyRaxePortkeyGuardAI gateway traffic

On-Device ML Detection

On-device classification that runs 100% locally. No cloud inference. No data exfiltration. Multiple classifier heads vote on threat categories for robust detection.
Curated regex patterns for known threats with ~3ms latency. 11 threat families including 4 new agentic families: AGENT, TOOL, MEM, MULTI.
L1 (Rules): Fast pattern matching for known attacksL2 (ML): On-device classifier for novel and obfuscated threats
Specialized scanning for agents: goal hijack detection, memory poisoning, tool chain validation, agent handoff scanning, privilege escalation detection.

OWASP Alignment

RAXE’s detection capabilities align with the OWASP Top 10 for Agentic Applications:
OWASP RiskRAXE MethodRule Family
ASI01: Agent Goal Hijackvalidate_goal_change()AGENT
ASI02: Tool Misusevalidate_tool_chain()TOOL
ASI03: Privilege Escalationvalidate_privilege_request()TOOL, AGENT
ASI06: Memory Poisoningscan_memory_write()MEM
ASI07: Inter-Agent Attacksscan_agent_handoff()MULTI
ASI05: Prompt InjectionDual-layer L1+L2 detectionPI
ASI08-10: Trust, Cascading, RogueFull telemetry, L2 MLAll

Performance

L1 Latency

~3ms

Full Scan (L1+L2)

~10ms

Rules

514+

Rule Families

11
Performance varies by hardware and configuration. L1 (pattern matching) is fastest. L2 (ML ensemble) adds ~7ms but catches novel threats.

Quick Example

from raxe.sdk.client import Raxe
from raxe.sdk.integrations.langchain import create_callback_handler

# Protect a LangChain agent
handler = create_callback_handler(
    block_on_prompt_threats=False,
    block_on_response_threats=False,
)
llm = ChatOpenAI(model="gpt-4", callbacks=[handler])

# Agentic security methods
handler.validate_agent_goal_change(old_goal, new_goal)
handler.validate_tool_chain(tool_sequence)
handler.scan_agent_handoff(sender, receiver, message)
handler.scan_memory_before_save(key, content)

# Or scan directly
raxe = Raxe()
result = raxe.scan("Ignore all previous instructions")
if result.has_threats:
    print(f"Threat: {result.severity}")

Next Steps

Quick Start

Protect your first agent

Agentic Scanning

Goal hijack, memory poisoning, tool chains

Agent Frameworks

LangChain, CrewAI, AutoGen + more

Detection Rules

11 threat families, 514+ rules