LOCAL-FIRST · ZIG · RUNTIME GUARDRAILS

Orca — local runtime
guardrails for
AI agents.

Run AI agents through a local CLI that enforces policy, redacts secrets before persistence, writes tamper-evident local audit logs, and replays sessions without sending traces to Orca.

View pricing →Read docs →

~/orca $ zig build -Doptimize=ReleaseSafe
~/orca $ zig build install

$ orca run --agent my-agent

✓ policy guard active

✓ secret redaction enabled

✓ audit log: session_9f3a...b1e2

[INFO] orchestrating agent...

[INFO] command: search_api allowed

[BLOCK] file_write: /etc/passwd denied by policy

[INFO] session recorded: 4.2s

INSTALL ORCA PLUGIN IN SECONDS

Plug into any agent host

Claude

claude plugin marketplace add christopherkarani/Orca
claude plugin install orca@orca --scope user

The orca CLI must be installed separately via zig build. Plugin installation assumes the CLI is already on your $PATH.

FEATURES

Why Orca

Runtime Guardrails

Enforces policy on commands, file access, networks, and tools — before your agent acts.

Secret Redaction & Audit

Removes secrets before persistence. Records tamper-evident audit logs with full session replay.

Plugin Integrations

Native hooks and diagnostics for Codex, Claude Code, OpenCode, and OpenClaw. orca run provides the strongest protection.

Red-Team Validation

Built-in security tests to measure your agent's risk posture. Score, report, and iterate.

UNWRAPPED COMMAND vs ORCA-MANAGED RUN

	Unwrapped command	Orca-managed run
Policy enforcement	✗	✓
Secret redaction	✗	✓
Audit / replay	✗	✓
Plugin support	✗	✓

Guardrails before the agent acts.

Orca routes supported agent commands, tool calls, and file/network decisions through policy checks, secret redaction, and tamper-evident local audit before supervised work reaches the runtime.

HOW IT WORKS

One local CLI. Multiple agent hosts.

1. Build and install the Orca CLI:

Build & Install

zig build -Doptimize=ReleaseSafe
zig build install

2. Wrap any agent command with orca run:

Wrap your agent

orca run --agent claude -- claude

# Orca intercepts the process:
#   policy  →  redact  →  audit  →  execute

3. Every operation passes through three guardrails:

Policy Engine

Commands, file access, network, and tools checked against deny-by-default rules

→

Secret Redaction

Secrets, keys, and tokens stripped before anything reaches disk or network

→

Audit & Replay

Tamper-evident local logs with replay for Orca-managed agent runs

Example session with orca run:

$ orca run --agent search-bot -- python search.py

[policy] command=python allowed

[policy] network=api.example.com allowed

[redact] api_key=sk-*** intercepted

[audit] session=a1b2c3 recorded

✓ agent completed in 3.2s

replay: orca replay a1b2c3

Plugin not required. orca run works with any tool — the plugins just add deeper integration for diagnostics and lifecycle hooks.

LOCAL GUARDRAILS

Supervised runs without a hosted dashboard

CAPABILITIES

hostsMultiple host support — Codex, Claude Code, OpenCode, OpenClaw

policyPer-agent policy enforcement with deny-by-default rules

redactAutomatic secret redaction before log persistence

auditTamper-evident local audit logs with session replay

testsRed-team test fixtures to measure agent risk posture

Runs locally

Policy files live in your repo

Audit logs stay on your machine

CI mode supported

Orca is purpose-built for local agent workflows: supported commands, tool calls, and file/network decisions are checked before supervised work reaches the runtime. No hosted monitoring, cloud sync, or telemetry upload is required for license verification.

Ready to secure your agents?

Get started with Orca in minutes. Open source, local-first, and built for the agent ecosystem.

Installation Guide →GitHub Repository →Quick-Start Tutorial →

Orca — local runtimeguardrails forAI agents.