EU AI Act enforcement | Aug 2, 2026

Your agents act. Nobody's watching. Until now.

Reinward intercepts every tool call your AI agents make, enforcing least-privilege policies, blocking injections, and helping you generate the SOC 2 and EU AI Act compliance evidence you need.

Free tier available | No credit card | 10-minute integration

<50ms added latency | 6 detection layers | 3 lines to integrate

Built by a cybersecurity engineer, grounded in independent research into real-world AI agent vulnerabilities.

CVE-2025-68664 LangGrinch, secret exfiltration CVSS 9.3 | CVE-2025-54136 MCPoison, MCP tool poisoning Critical | CVE-2025-54135 CurXecute, remote code execution Critical | 200,000 vulnerable MCP instances found 2026 | 847M LangChain downloads at risk from LangGrinch

Built for the standards your buyers and auditors already care about

EU AI Act: Articles 12, 14, 73
SOC 2: CC6, CC7
UK GDPR: Article 22
OWASP: LLM Top 10
Grounded in real CVEs
Built around documented 2025 and 2026 agent vulnerabilities, not hypotheticals.
Designed for August 2026
Ready for the EU AI Act high-risk obligations before they start applying.
UK-built for UK compliance
NI numbers, NHS numbers, and sort codes detected out of the box.
How it works

Six layers.
One gateway.

Every request your agent makes flows through Reinward. Six independent detection layers run in under 50ms. Everything is logged.

01
Prompt Injection Scanner
Rule-based patterns, ML classifier, LLM judge. Catches direct attacks and indirect injection hidden in emails, PDFs, and web pages.
OWASP LLM01
02
Agent Identity Verification
Every request carries a signed agent token. No valid identity means immediate rejection before any other layer runs.
SOC 2 CC6.1
03
Tool Call Policy Engine
YAML allow/deny rules per agent role, enforced before execution. Your support bot cannot call delete_account. Ever.
OWASP LLM06
04
MCP Server Governance
Allowlists approved servers, enforces OAuth 2.1, and scans tool descriptions for MCPoison attacks before they enter agent context.
CVE-2025-54136
05
PII & Secret Scanner
UK-specific PII (NI numbers, NHS numbers, sort codes) plus global PII and credential detection on all outputs before delivery.
UK GDPR ready
06
Behaviour Baseline Monitor
7-day rolling baseline per agent. Z-score anomaly detection. Auto-pauses agents that deviate from established normal behaviour.
EU AI Act Art.14
gateway/pipeline.py
```python
# Every agent request runs this
async def run(self, tool, payload, token):
    result = await self.scanner.score(payload)
    if result.score > 0.80:
        return Block("injection", result)

    agent = self.identity.verify(token)
    if not agent.valid:
        return Block("invalid_identity")

    allowed = self.policy.check(agent.role, tool)
    if not allowed:
        return Block("policy_violation", tool)

    await self.mcp.verify(payload.mcp_server)
    output = await self.forward(tool, payload)

    clean = self.pii.redact(output, region="UK")
    self.baseline.record(agent.id, tool)
    await self.audit.log(agent, tool, clean)
    return Allow(clean)
```
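An added example, not Reinward's code: one way the UK-specific detection described for the PII & Secret Scanner could be done, validating the NHS number check digit and the NI number prefix rules so that look-alike digit runs are left alone. The function names, redaction tags and sample text are assumptions constructed for illustration.

```python
import re

# NI number: two prefix letters, six digits, suffix A-D. D, F, I, Q, U, V are
# never used in the prefix, and O is never the second letter.
NINO_RE = re.compile(
    r"\b([A-CEGHJ-PR-TW-Z][A-CEGHJ-NPR-TW-Z])\s?(\d{2})\s?(\d{2})\s?(\d{2})\s?([A-D])\b")
UNALLOCATED_PREFIXES = {"BG", "GB", "NK", "KN", "TN", "NT", "ZZ"}
# NHS number: ten digits, commonly written 3-3-4.
NHS_RE = re.compile(r"\b(\d{3})[ -]?(\d{3})[ -]?(\d{4})\b")
# Sort code: three digit pairs separated by hyphens.
SORT_RE = re.compile(r"\b\d{2}-\d{2}-\d{2}\b")

def nhs_checksum_ok(digits):
    # Modulus 11: weight the first nine digits 10..2; the tenth is the check digit.
    total = sum(int(d) * w for d, w in zip(digits[:9], range(10, 1, -1)))
    check = 11 - (total % 11)
    if check == 11:
        check = 0
    return check != 10 and check == int(digits[9])

def redact_uk_pii(text):
    """Return (redacted_text, counts); counts can feed an audit record."""
    counts = {"nino": 0, "nhs": 0, "sort_code": 0}

    def nino(m):
        if m.group(1) in UNALLOCATED_PREFIXES:
            return m.group(0)  # well-formed but never issued: leave as-is
        counts["nino"] += 1
        return "[REDACTED:NINO]"

    def nhs(m):
        if not nhs_checksum_ok("".join(m.groups())):
            return m.group(0)  # ten digits that fail the check digit
        counts["nhs"] += 1
        return "[REDACTED:NHS]"

    def sort_code(m):
        counts["sort_code"] += 1
        return "[REDACTED:SORT_CODE]"

    text = NINO_RE.sub(nino, text)
    text = NHS_RE.sub(nhs, text)
    text = SORT_RE.sub(sort_code, text)
    return text, counts

# Constructed sample output, not real customer data.
SAMPLE = ("Patient NHS no 943 476 5919, NI AB 12 34 56 C, refund to sort code 20-00-00. "
          "Ticket ref 943 476 5918 and order ZZ 12 34 56 A are not identifiers.")
```

Sort codes have no check digit, so that pattern matches on format alone and will also hit hyphenated dates such as 12-03-24.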
Live comparison

The same attacks. Two agents.

Watch an unprotected agent get compromised, then watch the same attacks hit an agent behind Reinward.


Your agents are running.
Your audit trail isn't.

Free tier. No credit card. 10-minute integration.

UK-built | Designed for UK GDPR | Maps to SOC 2 and EU AI Act controls
