
What is Unbound Security?

Unbound Security is an Agent Access Security Broker (AASB) that helps organizations discover, assess, and enforce policy for AI coding agents. Unbound gives security teams full visibility and control over every agent, tool, and action — covering terminal commands, file access, MCP connections, and IDE plugins across tools like Claude Code, Cursor, Cline, GitHub Copilot, and Windsurf.

Key Capabilities

Agent Discovery

  • Inventory AI coding agents in use: Detect Claude Code, Cursor, Windsurf, GitHub Copilot, Cline, and more across your engineering org
  • Enumerate MCP servers: Surface every MCP server a developer has connected, including risky or unknown ones
  • Map IDE plugins: See which AI-powered IDE extensions are installed and how they are configured

Risk Assessment

  • Per-developer posture scores: A live security signal for each engineer based on the agents, plugins, and MCP servers they have enabled
  • Risky MCP connection alerts: Flag MCP servers with excessive permissions or untrusted sources
  • Autonomy analysis: Understand how much runway each agent has inside each developer’s environment

Policy Enforcement

  • Terminal command control: Allow or deny commands with semantic parsing, not brittle regex
  • MCP policies: Govern which MCP servers and tools each agent can reach
  • Approval workflows: Require human approval for sensitive agent actions
  • Audit logging: A complete record of what every agent did, for compliance and incident review

Data Protection

  • Automatic secret detection: Catch and redact secrets that would otherwise leak to LLM providers
  • Sensitive data routing: Route requests containing sensitive content to private LLMs in Google Vertex AI, Bedrock, or confidential computing infrastructure
  • Your data stays private, while your teams stay productive

How It Works

Unbound operates as an endpoint-level control plane for AI coding agents. Three steps:

1. Discover

Unbound inventories the AI coding agents, MCP servers, and IDE plugins in use across your engineering org — no agent-by-agent configuration required.

2. Assess

Every agent, tool, and action is scored for risk. Security teams get a live posture view: who is running what, which MCP servers are risky, and where policies are missing.

3. Enforce

Policies are enforced at the endpoint and at the model layer — terminal command allow/deny, MCP scope controls, approval workflows, and optional LLM request routing for sensitive data.

Supported Integrations

Unbound governs and integrates with popular AI coding tools and platforms:
  • AI Coding Agents: Claude Code, Cursor, Cline, GitHub Copilot, Windsurf, Roo Code, Kilo Code, Codex, Gemini CLI
  • MCP Servers: Policy enforcement across any MCP server a developer connects
  • Enterprise Model Endpoints: Vertex AI, Bedrock, and other private model endpoints for sensitive-data routing
  • Authentication: SAML/OIDC and SCIM integration
  • MDM: Auto-configure and deploy agent settings through your device management platform

Enterprise Features

Security Controls

  • Terminal command, MCP, and file access policy enforcement
  • Automated masking and redaction of sensitive data
  • Private-model routing for sensitive requests
  • Compliance-grade audit logging

Management & Visibility

  • Per-developer, team, and department posture
  • Agent, plugin, and MCP inventory
  • Usage insights and recommendations
  • Centralized AI coding tool management

Getting Started

Prerequisites

  • Node.js 18+ — required for the CLI. Check with node --version.
  • Supported operating systems for the full Quick Start: macOS and Windows. The CLI itself installs and runs on Linux, but the device-discovery step used by the onboarding wizard and by unbound discover is not yet supported on Linux — see the callout below.
  • On Linux installs where Node lives in a system path (e.g. the NodeSource apt package), npm install -g writes to a root-owned directory and needs sudo. With a user-scoped Node manager (nvm, fnm, volta) or a custom npm prefix, no sudo is required.

Linux: device discovery is not yet supported. Running unbound discover (or letting the onboarding wizard scan your device) on Linux currently fails with "Unsupported operating system: Linux". Until Linux discovery ships, Linux users can still install the CLI, run unbound login and unbound setup <tool>, and use the gateway; just skip the discovery step and complete the onboarding wizard from a macOS or Windows machine.

To start using Unbound Security:
  1. Install the CLI: npm install -g unbound-cli (prefix with sudo if npm requires root on your system)
  2. Login: unbound login
  3. Set up your AI tool — run the command for your tool (pick one). Pass the mode flag so the command stays one-shot in any shell:
    # Pick the one that matches the AI tool you use
    unbound setup cursor
    unbound setup claude-code --gateway        # or --subscription
    unbound setup codex --gateway              # or --subscription
    unbound setup gemini-cli
    unbound setup copilot
    
    Running unbound setup claude-code or unbound setup codex with no flag opens an interactive mode picker — fine in a terminal, but it silently no-ops in non-interactive shells. See Tool Setup for the full list.
  4. Monitor and govern: Track agent activity and enforce policy from the dashboard. New workspaces are routed through a short onboarding wizard at gateway.getunbound.ai/onboarding on first visit — complete the wizard and /dashboard will be available.
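
A preflight for the prerequisites and setup step above, for use in MDM or other non-interactive provisioning. This is an added example, not code from Unbound; it assumes Windows shells report MINGW*, MSYS* or CYGWIN* from uname, and it knows only the five tools listed on this page.

```sh
#!/bin/sh
# Added example (not Unbound's code): preflight for the Quick Start steps above.
# Uses only commands and flags shown on this page, plus node, npm and uname.

# True when a `node --version` string such as v18.19.0 meets the Node.js 18+ prerequisite.
node_ok() {
  major=${1#v}; major=${major%%.*}
  case $major in ''|*[!0-9]*) return 1 ;; esac
  [ "$major" -ge 18 ]
}

# True when `unbound discover` is supported for this `uname -s` value (macOS, Windows).
# Assumption: Windows POSIX shells report MINGW*, MSYS* or CYGWIN*.
discovery_supported() {
  case $1 in Darwin|MINGW*|MSYS*|CYGWIN*) return 0 ;; *) return 1 ;; esac
}

# Print the one-shot setup command for the tools listed on this page. claude-code and
# codex must get a mode flag: without one the picker no-ops in non-interactive shells.
setup_command() {
  tool=$1 mode=${2:-}
  case $tool in
    claude-code|codex)
      case $mode in
        gateway|subscription) echo "unbound setup $tool --$mode" ;;
        *) echo "refusing: $tool needs mode gateway or subscription" >&2; return 2 ;;
      esac ;;
    cursor|gemini-cli|copilot) echo "unbound setup $tool" ;;
    *) echo "unknown tool: $tool" >&2; return 2 ;;
  esac
}

# Report on this machine. Prints findings and the command to run; changes nothing.
preflight() {
  ver=$(node --version 2>/dev/null || true)
  node_ok "$ver" || { echo "Node.js 18+ required (found: ${ver:-none})" >&2; return 1; }
  dir=$(npm root -g 2>/dev/null || true)
  if [ -d "$dir" ] && [ ! -w "$dir" ]; then
    echo "note: $dir is not writable, npm install -g unbound-cli needs sudo"
  fi
  discovery_supported "$(uname -s)" || echo "note: skip unbound discover on this OS"
  setup_command "$@"
}

# Runs only when given arguments, e.g.: sh preflight.sh claude-code gateway
if [ $# -gt 0 ]; then preflight "$@"; fi
```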