Viral Wire

Capsule Security Launches with $7M Seed Funding to Secure AI Agent Behavior

Startup emerges from stealth with runtime security platform that blocks agent misbehavior before execution.

Deep Dive

Capsule Security has emerged from stealth with a $7 million seed round to tackle what it calls the "runtime gap" in AI agent security. Led by Lama Partners and Forgepoint Capital, the round backs the startup's effort to close a critical blind spot: legacy security tools weren't built to monitor what happens between an AI agent receiving a prompt and taking action. With over 80% of Fortune 500 companies now using active AI agents, which operate at machine speed with privileged access to critical systems, this gap represents a significant enterprise risk. Capsule's platform enforces trust directly within the execution path, evaluating agent actions in context and blocking unsafe or unauthorized activity before completion.

Capsule demonstrated the urgency of its mission by concurrently disclosing two zero-day vulnerabilities it discovered in leading platforms: ShareLeak (CVE-2026-21520) in Microsoft Copilot Studio and PipeLeak in Salesforce Agentforce. Both are prompt injection vulnerabilities that allow malicious content to hijack agent goals and steer tool usage. To address these risks in open frameworks, Capsule also released ClawGuard, an open-source enforcer that adds pre-invocation checkpoints. The platform supports major agent environments including Cursor, Claude Code, and ServiceNow, generating auditable telemetry for governance and compliance teams without requiring infrastructure changes, proxies, or SDKs.

Key Points
  • Secured $7M seed funding from Lama Partners and Forgepoint Capital, advised by security leaders including former CISA Director Chris Krebs
  • Disclosed two critical zero-day vulnerabilities (ShareLeak in Microsoft Copilot, PipeLeak in Salesforce) demonstrating real agent security risks
  • Provides runtime enforcement that blocks unsafe agent actions before execution, requiring no proxies or SDKs for deployment

Why It Matters

Enables enterprises to safely deploy AI agents at scale by preventing data exfiltration and unauthorized actions that legacy tools miss.