Every spend request runs through four checks before money is allowed to move:
1. Quantitative (Redis) - Is the agent within its daily budget? Is it sending the same transaction over and over?
2. Policy (Postgres) - Is the vendor blocked? Is the amount too high to auto-approve? Is the stablecoin/network/address allowed?
3. Semantic (Claude Haiku) - Does the stated goal actually match what's being purchased?
4. Goal Drift (Claude Haiku) - Is this purchase within what the agent is supposed to be doing at all?
Checks 1 and 2 run sequentially — if either hard-denies, Claude never gets called. Checks 3 and 4 run in parallel via asyncio.gather.
One verdict comes back: SAFE, SUSPICIOUS, or MALICIOUS.
Full product — live dashboard, auth, HITL approval flows, spend monitoring. Completely free.
Looking for feedback, especially from anyone running spending agents in production.
Landing page: https://agentshieldv2-dashboard-production.up.railway.app
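
The control flow described in the post above, as an added example that is not the project's own code: two sequential checks that short-circuit on a hard deny, then two model-backed checks run together with asyncio.gather. The in-memory stand-ins for Redis, Postgres and the Claude Haiku calls, the request field names, the limits, the hard-deny flag and the "worst verdict wins" aggregation are all assumptions.

```python
import asyncio

RANK = {"SAFE": 0, "SUSPICIOUS": 1, "MALICIOUS": 2}
BUDGET, AUTO_APPROVE_MAX = 100.0, 50.0      # constructed limits
BLOCKED = {"shady-gifts.example"}           # constructed blocklist
model_calls = []                            # records which model-backed checks ran

# Every check returns (verdict, reason, hard_deny).
def quantitative(req, state):               # stand-in for the Redis-backed check
    if state["spent"] + req["amount"] > BUDGET:
        return "MALICIOUS", "over daily budget", True
    if (req["vendor"], req["amount"]) in state["recent"]:
        return "SUSPICIOUS", "repeated transaction", False
    return "SAFE", "within budget", False

def policy(req, state):                     # stand-in for the Postgres-backed check
    if req["vendor"] in BLOCKED:
        return "MALICIOUS", "vendor blocked", True
    if req["amount"] > AUTO_APPROVE_MAX:
        return "SUSPICIOUS", "above auto-approve limit", False
    return "SAFE", "policy ok", False

async def semantic(req):                    # stand-in for a model call
    model_calls.append("semantic")
    if req["item"].lower() in req["goal"].lower():
        return "SAFE", "goal matches item", False
    return "SUSPICIOUS", "goal/item mismatch", False

async def goal_drift(req):                  # stand-in for a model call
    model_calls.append("goal_drift")
    if req["category"] in req["agent_scope"]:
        return "SAFE", "in scope", False
    return "MALICIOUS", "outside agent scope", False

async def evaluate(req, state):
    trail = []                              # audit trail: (check, verdict, reason)
    for check in (quantitative, policy):    # sequential; stop before any model call
        verdict, reason, hard = check(req, state)
        trail.append((check.__name__, verdict, reason))
        if hard:
            return verdict, trail
    results = await asyncio.gather(semantic(req), goal_drift(req))
    trail += [(n, v, r) for n, (v, r, _) in zip(("semantic", "goal_drift"), results)]
    # Assumption: the single verdict is the most severe one recorded.
    return max((v for _, v, _ in trail), key=RANK.get), trail

def run(req, state):
    return asyncio.run(evaluate(req, state))
```

The returned trail lists each check that ran with its verdict and reason, so a denied request shows which stage stopped it.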
kramit1288•22m ago
I think the valuable part here is the audit trail behind it: why this spend was allowed, blocked or escalated.