The safety and
infrastructure layer
for autonomous AI systems

AI agents are executing real API calls across your systems. Chox adds security, observability, and policy enforcement to every request.

Open Dashboard

Real-time request interception

Every agent request, visible.

See, inspect, and control every API call your AI agents make before it leaves your infrastructure.

The problem

Your AI agents call external APIs.
You have zero visibility into what they send.

Blind spots

Agents post to Slack, send emails, make payments, run SQL. You find out after something breaks.

Data leaks

API keys, PII, and credentials accidentally sent in outbound requests by hallucinating models.

Unchecked spend

A misconfigured agent racks up charges, deletes records, or triggers actions you never intended.

One URL change, or two lines of code. Either way, every API call your agent makes is logged, classified, and shadow-evaluated.

Two integration paths

from chox import ChoxGuard

guard = ChoxGuard(base_url="https://chox.ai", token="chox_token_...")
charge = guard.wrap("stripe.create_charge", stripe.Charge.create)
# Every call to charge() is now evaluated and logged
result = charge(amount=50000, currency="usd")

# Before: your agent calls Stripe directly
base_url = "https://api.stripe.com"

# After: point at your Chox project URL
base_url = "https://chox.ai/my-project/stripe"
# That's it. Every call is now logged and classified.

Read the LangGraph guide

Use proxy when

Zero code changes
Network-layer routing
Governing raw HTTP

Use SDK when

LangGraph / custom agent
Wrapping tool calls
Application-level control

Use both when

Framework + raw HTTP mix
Full-stack coverage
Layered observability

AI Agent

Makes API calls

Chox Proxy

Log, classify, inspect

External APIs

Stripe, Slack, SendGrid…

Capabilities

Everything you need to govern AI actions

Full request logging

Every request and response captured. Headers, bodies, latency, and status codes — all searchable and filterable.

Complete request/response capture including headers, bodies, latency, and HTTP status. Filter by integration, action type, caller identity, and time range. Full-text search across all logged data with instant results.

Action classification

Every API call automatically classified as read, write, delete, or financial with risk scoring.

Automatic detection of bulk operations, SQL mutations, payment amounts, and destructive patterns. Each request gets a risk score based on action type, amount, and historical patterns. Zero configuration required.

Content inspection

Pluggable gate pipeline scans outbound request bodies for secrets, PII, and policy violations.

Four built-in gates: secret detection (API keys, tokens), PII scanning (emails, SSNs, credit cards), keyword deny lists, and URL policy enforcement. Fully configurable per-project with custom rules.

Shadow verdicts

Start in observe mode. See what would be blocked without disrupting production traffic.

Every flagged request is annotated with a shadow verdict showing what would have been blocked. Tune your policies using real production data before switching to enforcement mode. Zero risk deployment.

Financial thresholds

Per-project spending limits configurable to the cent. Payments exceeding limits are flagged instantly.

Set custom financial thresholds per project. Any payment or charge detected above your limit triggers an immediate flag. Works across Stripe, payment APIs, and any integration handling monetary transactions.

Dispute & allowlist

One-click false positive reports that create smart allowlist entries for similar future requests.

Submit disputes on any flagged request. Approved disputes generate fingerprint-based allowlist entries that automatically suppress the same rule for structurally similar requests. Expiration and manual override supported.

Works with

Frameworks & runtimes — where Chox plugs in