CybeDefend
VibeDefendLive on npm

Your AI agent. Your rules. Enforced at every prompt.

VibeDefend wires your coding agent to CybeDefend in one command. Business rules mined from the way you code. Security rules from the frameworks your auditors expect. Action guards that block dangerous calls before they fire.

Install in 5 secondsNode 18.17+
npx -y @cybedefend/vibedefend@latest install
Auto-detects
  • Claude CodeClaude Code
  • CursorCursor
  • OpenAI Codex
  • WindsurfWindsurf
  • GitHub CopilotVS Code Copilot
Read the README on npm
Five coding agents supported
Claude CodeCursorWindsurfGitHub Copilot

Run the installer once; it auto-detects every agent on your laptop and wires the ones you pick.

What VibeDefend ships

Three layers of governance, one install.

Each layer hands the agent context the moment it needs it: before the edit, before the commit, before the dangerous call.

Business Rules

The rules you never wrote down.

VibeDefend learns the conventions in your repo and proposes them as explicit rules. The autopilot keeps mining as you code, every drift becomes a one-click rule, every rule lands back in the agent's context.

  • Mined from your repo
  • Autopilot proposals as you code
  • Per-project doctrine
live agent · 2 sec ago
claude.codeedit · cart-checkout.ts
vibedefendrule injected
no-raw-amount-math
mined from src/billing.ts:14 · used 27× · confidence 94%

"Monetary amounts MUST use Decimal128, never Number."

claude.codeapplied
total = new Decimal128(cart.sum)
Security Rules

Frameworks baked in. Add your own.

OWASP, SOC 2, GDPR, ISO 27001, the canonical security playbooks load the day you install. Add your custom rules on top. The agent reads every reminder before each edit.

  • OWASP, SOC 2, GDPR, ISO 27001
  • Custom rules from your team
  • Reminded on every edit
live agent · 7 sec ago
cursordraft · users-search.ts
vibedefendrule matched
owasp-a03-injection
framework: OWASP Top 10 · severity: high · auto

"Parameterise every query that mixes user input, never string-concat into SQL."

cursorrewrote
db.query('SELECT … WHERE id = $1', [uid])
Action Guard

Dangerous actions, blocked at the source.

rm -rf, sudo, raw secret reads, ad-hoc database writes, Action Guard intercepts the agent's call before it fires. Toggle warn / block per rule. Add your own forbidden patterns. Every interception is logged in the audit trail.

  • Default denylist out of the box
  • Custom forbidden patterns
  • Audit trail to CybeDefend
live agent · just now
codexrun · sudo rm -rf /etc/
vibedefendBLOCKED
no-destructive-sudo
severity: critical · default · cannot disable

"Destructive sudo is never permitted in interactive coding sessions."

auditlogged
eu.cybedefend.com/audit/0xb2e8a4
Privacy & control

Your code never leaves your machine. Your rules never leave your project.

VibeDefend runs locally next to your agent. Only governance metadata (rule violations, drift signals, audit events) reaches the CybeDefend platform.

Local-only edits

Source code never leaves the editor. Rule decisions happen in-process; the agent only ever sees its own context.

Metadata-only telemetry

Block events, rule proposals and gap signals are reported as structured metadata. No raw code, no prompt content, ever.

EU + US tenants

Pick your region at install time. Audit trail stored in the matching CybeDefend tenant, no cross-region replication.

FAQ

What VibeDefend does, and what it doesn't.

What does the installer actually wire?

An MCP server connection between your agent and CybeDefend, plus the hooks the agent exposes (session start, session review, pre-write, pre-compact when available). Re-run vibedefend install any time to toggle agents on or off.

Which agents are supported?

Claude Code, Cursor, OpenAI Codex, Windsurf and VS Code Copilot. The installer auto-detects which ones live on your laptop and only wires those. Re-running the installer adds or removes agents idempotently.

Do you need source code access?

No. VibeDefend lives next to your agent on your machine. Rule decisions happen locally. Only governance metadata (block events, drift signals, audit entries) reaches the CybeDefend platform.

How does the autopilot work without leaking code?

The mining pass runs locally and produces a structured rule proposal: a small natural-language rule plus a reference to the file path. You review and accept; the body of the file is never transmitted.

What happens when Action Guard blocks something?

The agent gets a friendly refusal explaining the rule, the developer sees the block in their editor, and an entry lands in your CybeDefend audit trail. You can switch any rule between warn and block at any time.

How is this priced?

VibeDefend is included on every CybeDefend plan, including the free tier. The installer itself is free and open to inspect. The platform side (audit trail, dashboard, multi-team) is what the paid plans unlock.

Live · just shipped

Install VibeDefend in 5 seconds.

One command. Every coding agent on your laptop wired to CybeDefend: business rules mined from your code, security rules from the frameworks your auditors expect, action guards that block dangerous calls before they fire.

Install in 5 secondsNode 18.17+
npx -y @cybedefend/vibedefend@latest install
Auto-detects
  • Claude CodeClaude Code
  • CursorCursor
  • OpenAI Codex
  • WindsurfWindsurf
  • GitHub CopilotVS Code Copilot
Read the README on npm