Smart Behavioral Firewall
Don't let agents run wild.Use protection.
A smart behavioral firewall that learns how your agents normally behave, catches weird calls and prompt injection, and routes the risky ones through human approval.
/ The problem
Agents can hit IAM, Stripe, Terraform, calendars, CRMs
That's the point.
The risk is when they do it with injected instructions, drift, or without a real trust layer.
Prompt injection & jailbreaks
Bad actors hijack tool calls
Drifted reasoning & loops
Agents stuck in infinite retry cycles
Overreach & wrong environment
Tools called without authorization
Unverified agent identity
No way to prove who initiated a call
/ How it works
It learns your agents
LetsPing builds a behavioral graph of how your agents move between tools and actions. Every step is scored. Anomalies surface before they become incidents.
/ How it works
Guardrails from day one
Enterprise grade rules fire immediately on setup, no training required. PII is redacted in transit. Injection attacks are blocked. Egress is locked to your allowlist.
/ How it works
Enforcement once it's sure
Once the baseline locks, the firewall flags unmapped sequences and routes them to your console. Humans approve. Agents learn. Nothing unexpected reaches production.
/ Human in the loop
Humans looped when needed
When the firewall pauses a call, operators see the full context, patch the payload, or reject it. The run then resumes safely.
Approvals train the system.
What you repeatedly approve becomes normal; what you reject stays suspicious.
Resolve from your console, CLI, or phone.
Connect your preferred channel. No app store required.
/ Agent identity
Agents with credentials.
Not shared secrets.
Give each agent its own ID and secret. Every call is signed; handoffs carry escrow envelopes so downstream services can verify who initiated what.
If you're a SaaS or storefront, you can accept agents as first-class citizens by verifying LetsPing webhooks + escrow.
- Each agent gets its own ID & secret
- Every call is cryptographically signed
- Escrow envelopes for verified handoffs
- Downstream services verify who initiated what
- Trust score (0–999) others can verify
- Payment mandates: x402 / AP2 compatible
/ Observability & ops
Built for operators
Every intercept, anomaly score, and ingest request shows up as structured JSON you can ship to Datadog, Prometheus, or whatever you use.
/ Your use case
Pick your path
1from letsping import LetsPing2from langchain.tools import Tool3 4lp = LetsPing()5 6# Wrap any high-risk tool. LetsPing tracks the full execution graph.7safe_refund = Tool(8 name="issue_refund",9 func=lp.tool("cx-agent", "stripe:refund", "critical"),10 description="Issues a customer refund via Stripe."11)12 13# Add to your existing graph. Everything else stays untouched.14graph.add_node("issue_refund", safe_refund)15 16# Example intercept:17# 1. Agent hallucinates a $5K refund.18# 2. LetsPing catches the off-behavior transition.19# 3. State parks in Cryo-Sleep. You get a push notification.20# 4. One tap: approve, reject, or edit the amount.21# 5. The baseline learns. Your agent gets smarter.3 LINES · ANY FRAMEWORK
Works with every stack you already use.
| FRAMEWORK | STATUS |
|---|---|
| LangChain / LangGraph | ✓ NATIVE |
| Vercel AI SDK | ✓ NATIVE |
| CrewAI | ✓ NATIVE |
| MCP Protocol | ✓ NATIVE |
| OpenTelemetry | ✓ PASSIVE |
| Custom Agents | ✓ SDK |
OpenTelemetry spans are captured passively, so there's no added latency to your LLM calls.
Agent-First · Escrow Contracts
Use signAgentCall, verifyEscrow, and chainHandoff to cryptographically link multi-agent calls. Same firewall + HITL console, with a signed chain-of-custody when agents call each other.
Read the escrow spec →Your agents' trust layer.
Free to start.
Behavioral firewall. Human approval. Agent credentials.
One SDK, every framework.
No lock-in. One SDK for every agent stack.