Frequently Asked Questions

Guardian is a local-first desktop + CLI governance layer for small engineering teams that control AI-generated or AI-assisted code before it ships. It isolates risky changes, enforces team policies, and keeps human approval decisions with an audit trail.

Guardian is designed for small engineering teams that need policy-backed release confidence on AI-assisted changes. It is not a generic chatbot, coding assistant, or scanner.

Top models can review code, but Guardian adds what agent-only flows usually miss: policy enforcement as code, deterministic release gates in CLI/CI, human approval with override reason, and a durable audit trail for ship decisions.

This repository is licensed under MIT. If you are using a fork or a packaged distribution, check the LICENSE file shipped with that build for the definitive terms.

Guardian ships macOS builds (Apple Silicon and Intel) and Windows installers today. Linux installers will appear on the download page once they are published.

Guardian supports OpenAI, Anthropic, Google Gemini, GitHub Models, and Ollama (local). You can switch providers at any time without losing your workspace context or scan history.

Only when you enable a cloud AI provider. Guardian redacts 19+ secret and PII patterns (API keys, JWTs, database URLs, emails, phone numbers) before sending any code to AI. You can also run fully offline with Ollama or use the offline scan mode.

Visit the download page and choose the recommended installer for your operating system. After downloading, run the installer and follow the setup flow in the app.

macOS 12+ or a current Windows 10/11 build is required for published desktop installers. At least 4GB RAM and ~500MB free disk space are recommended. Internet access is required only if you enable cloud AI providers or in-app update checks.

Use Settings > Scan Scope. Source (default) focuses on code and skips docs/tests/scripts/lockfiles. Extended adds infra and security surfaces (Docker/CI/locks/config). Full scans most text files for deep one-off audits.

Add your Tavily key in Settings, then enable Web Search. To force web search for a single message, prefix your question with /web or include @web. If your message includes a URL, Guardian prefers focused URL extraction; otherwise it uses web search.

Install guardian-cli and add it to your pipeline: 'guardian-cli scan . --format json --output report.json'. It supports GitHub Actions, GitLab CI, and any build system. Use --offline for policy-only checks without AI.

The MCP (Model Context Protocol) server lets AI assistants in editors like Cursor and Claude Desktop access Guardian's governance tools directly. It can scan files, check policies, and classify code without leaving your editor.

Yes, guardian-vscode provides real-time code governance in VS Code with inline findings, quick fixes, and evidence display.

Guardian detects and masks 19+ patterns including OpenAI, Anthropic, GitHub, AWS, GCP, Stripe, Slack, and npm tokens, JWTs, database URLs, private keys, emails, and phone numbers. Redaction is always-on and cannot be disabled.

Yes. Guardian includes 11+ built-in rules covering security, architecture, and quality patterns. You can configure rules in guardian.policy.yaml and create custom rules with the YAML-based rule engine.

Start with the documentation on this website. For technical issues and feature requests, use the repository issue tracker or contact us through the contact page.

Use the contact page (recommended) and include reproduction steps and logs. You can also use the repository issue tracker if you prefer.

Updates are delivered through the in-app updater when enabled, and new releases are also published via the distribution repository.