Pipelock 2.3.0 adds AI agent firewall to block credential leaks

Pipelock, an open-source security harness designed specifically for AI coding agents, has shipped version 2.3.0 with critical new defenses. The tool acts as an enforcement layer between agents and the network, addressing a growing vulnerability: when an agent's tool calls are compromised, they can leak sensitive credentials or API keys. The new class-preserving request redaction feature automatically masks sensitive data in outgoing requests while preserving the structural integrity of the data format—so agent workflows aren't broken. Additionally, the generic SSE (Server-Sent Events) streaming response scanning enables real-time inspection of streaming responses for malicious content or data exfiltration attempts.

This update is timely as enterprises increasingly deploy autonomous coding agents that interact with cloud services, databases, and internal APIs. Without a dedicated security layer, a single compromised tool call could expose infrastructure credentials. By open-sourcing the harness, Pipelock allows teams to audit and customize the security rules. Version 2.3.0's enhancements make it easier to integrate into existing agent pipelines without modifying agent code, providing a drop-in guardrail that can prevent credential theft without sacrificing performance or agent autonomy.