Skip to content

Wardgate Banner

Wardgate Documentation

Wardgate is a security gateway for AI agents. It provides credential-isolated API proxying and policy-gated remote command execution (conclaves), with audit logging, approval workflows, and sensitive data filtering.

Quick Start

API Gateway -- proxy API calls with credential isolation

endpoints:
  todoist:
    preset: todoist
    auth:
      credential_env: WARDGATE_CRED_TODOIST_API_KEY
    capabilities:
      read_data: allow
      create_tasks: allow
      delete_tasks: deny

Included presets: todoist, github, cloudflare, google-calendar, postmark, sentry, plausible, imap, smtp, pingping

Conclaves -- isolated remote execution for agent commands

conclaves:
  obsidian:
    description: "Obsidian vault (personal notes)"
    key_env: WARDGATE_CONCLAVE_OBSIDIAN_KEY
    cwd: /data/vault
    rules:
      - match: { command: "rg" }
        action: allow
      - match: { command: "tee" }
        action: ask
      - match: { command: "*" }
        action: deny

Documentation

Core Concepts

  • Security Architecture -- How Wardgate protects your credentials and isolates execution
  • Policy System -- Writing and configuring rules (allow/deny/ask, rate limits, time ranges)

API Gateway

Conclaves

  • Conclaves -- Isolated remote execution environments, policy rules, deployment
  • wardgate-cli -- Restricted HTTP client and conclave exec tool for agents
  • wardgate-proxy -- Local reverse proxy for agents with their own HTTP clients, or tools
  • wardgate-cli AI Skill -- Skill file to teach AI agents how to use wardgate-cli

Operations

Admin UI & CLI

Wardgate includes a web dashboard (/ui/) and CLI for managing approval requests. Configure admin_key_env in your server settings to enable. See the README for an overview.

The dashboard includes:

  • Pending -- Requests awaiting approval
  • History -- Past approval decisions
  • Logs -- Recent request activity with filtering