Your agents are only as powerful as what they can reach.

Give AI agents access to your APIs and servers — without ever losing control. One dashboard. One token. You decide what runs.

Start free trial View on GitHub

No credit card required

Agent Session 🦞
person

Deploy the latest version and let me know if anything breaks.

smart_toy

On it. Deploying now...

Pulled latest code via SSH check_circle
Restarted services with Docker check_circle
Checking health (v2.4.1 staging)... refresh

All clear... Here's your staging URL: staging.yourapp.com

visibility Live Shellgate Audit Stream
[2023-10-27 14:22:01] AUTHORIZED - Agent (ID: ag_04) requested SSH access to staging-srv-01
[2023-10-27 14:22:04] AUTHORIZED - Agent (ID: ag_04) executed `docker-compose restart`
[2023-10-27 14:22:15] AUTHORIZED - Agent (ID: ag_04) GET /api/v1/health (200 OK)
[2023-10-27 14:22:18] AUTHORIZED - Agent (ID: ag_04) GET /api/v1/metrics/latency (200 OK)
[2023-10-27 14:22:31] APPROVAL_REQUIRED — ag_04 wants to run `rm -rf /var/logs/old`

Complete Observability.

Stop flying blind. Shellgate sits between your AI and your infrastructure, logging every command and API call in real-time. Review logs, revoke access, and maintain the principle of least privilege effortlessly.

  • check_circle Granular Token Scoping
  • check_circle SSH Proxying with Zero Keys Shared
  • check_circle Prompt Injection Defense

Human-in-the-Loop

Your agent asks.
You decide.

Some actions are too important to automate. Shellgate intercepts destructive commands before they execute — and hands control back to you.

  • shield

    Built-in protection

    Dangerous commands are intercepted by default. No configuration needed to be safe from day one.

  • back_hand

    You stay in control

    Approve or deny before anything touches your server. The agent waits. You decide.

  • gpp_bad

    Prompt injection defense

    Even if your agent gets manipulated by a malicious prompt, Shellgate is the last line of defense.

Agent Session 🦞
person

Clean up old backups on the production server.

smart_toy

Running: rm -rf /var/backups/2024

security
warning Shellgate — Approval Required

The agent wants to execute a destructive command:

rm -rf /var/backups/2024
visibility Shellgate Audit Stream
[14:31:02] AUTHORIZED — ag_07 executed `git pull origin main`
[14:31:08] AUTHORIZED — ag_07 executed `docker compose up -d`
[14:31:14] APPROVAL_REQUIRED — ag_07 wants to run `rm -rf /var/backups/2024` — waiting for operator
[14:31:14] waiting...

The Problem

Scaling agents is a security nightmare.

lock_reset

Scattered credentials

Environment variables spread across five different agent providers. Impossible to rotate, impossible to track.

visibility_off

No visibility

What did the agent actually do on your production DB? Unless you have Shellgate, you're guessing.

account_tree

Multiple configs

Updating a single API endpoint requires editing configs in 10 different agent tools. Pure friction.

The Solution

The unified gateway for autonomous agents.

hub

One place for all credentials

Store secrets once in Shellgate. Issue temporary, scoped tokens to your agents without exposing your root keys.

history_edu

Full audit log

Every request, every response, every terminal command. Indexed, searchable, and exportable for compliance.

all_inclusive

Works with every agent

Whether it's OpenClaw, Claude Code, or a custom Python script. If it can make an API call, it works with Shellgate.

How it works

1

Add APIs & Servers

Connect your infrastructure to the Shellgate dashboard securely.

database
2

Issue Agent Token

Create a scoped token with permissions restricted to specific tools.

key
3

Agent Calls Shellgate

Agent acts on your behalf through Shellgate's secure proxy.

bolt

Simple pricing

Run it yourself or let us handle everything. Your choice.

Self-hosted

Open Source

Free

Always free, forever open source

  • Full source code on GitHub
  • Docker Compose setup
  • Complete control over your data
  • Community support
View on GitHub
Cloud Recommended

Shellgate Cloud

$29 /month

14-day free trial, cancel anytime

  • Managed hosting, zero ops
  • Daily automatic backups
  • Ready in under a minute
  • Email support
Start free trial →

No credit card required

Self-host in 60 seconds

Take full ownership of your data and infrastructure proxy.

Terminal
$ git clone https://github.com/matthiastjong/shellgate.git
$ cd shellgate
$ cp .env.example .env
$ docker compose up -d