Aegis-Guard: Zero-Trust SaaS Auditor

A Python-governed AI agent that intercepts unauthorized SaaS signups using a mandatory Human-in-the-Loop security gate.

Comment

Aegis-Guard: Zero-Trust SaaS Auditor

Inspiration

In the modern enterprise, "Shadow IT"—the unauthorized use of SaaS platforms—creates massive security gaps and uncontrolled costs. As a systems architect, I wanted to build a proactive "Gatekeeper" that intercepts these signups at the browser level before they become a liability.

How I Built It

Aegis-Guard is an Active Agent built on the Airia Everywhere framework. The pipeline consists of four critical stages:

  1. Context Ingestion: The extension scrapes DOM data from vendor signup/pricing pages.
  2. Logic Sanitization: A custom Python node cleans the input to prevent prompt injection and ensure token efficiency.
  3. AI Classification: A GPT-4.1 core analyzes the vendor's nature (SaaS vs. Generic).
  4. Synchronous Governance: A Human-in-the-Loop (HITL) node pauses the execution. This ensures no vendor is "Approved" without manual administrative oversight—a core tenant of Zero-Trust security.

What I Learned

I deepened my understanding of asynchronous orchestration and the challenges of mapping browser DOM states to LLM contexts. Handling platform-side execution latencies taught me the importance of building "fail-safe" Python routing logic that defaults to a BLOCKED state if the AI confidence interval is low.

Challenges Faced

The primary challenge was synchronizing the browser extension's scraping layer with the Agent Studio's execution engine. I overcame this by architecting a robust, binary routing logic in Python that ensures architectural integrity even during high-latency API handshakes.

Built With

  • airia
  • architecture
  • everywhere
  • gpt-4.1
  • json
  • python
  • zero-trust
Share this project:

Updates