monadical/greywall-landing-page
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: small wording fixes

Browse Source
This commit is contained in:
Nik L
2026-03-09 14:11:52 -04:00
parent 55d5bb520c
commit 585d7c35df
6 changed files with 36 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/agents.tsx
View File

@@ -28,7 +28,7 @@ export function Agents() {
Works with every agent.
</h2>
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
All agents work perfectly inside their sandbox but can&apos;t impact anything outside
All agents work perfectly inside their sandbox but can&apos;t impact anything outside
it. No agent-specific configuration needed.
</p>
</div>

9
components/control.tsx
View File

@@ -10,7 +10,6 @@ const tree = [
{ path: ' node_modules/', access: 'r', color: 'yellow' },
{ path: '~/shared-lib/', access: 'r', color: 'yellow' },
{ path: '~/.ssh/', access: 'deny', color: 'red' },
{ path: '~/.aws/', access: 'deny', color: 'red' },
{ path: '~/.env', access: 'deny', color: 'red' },
{ path: '~/other-repos/', access: 'deny', color: 'red' },
{ path: '~/Documents/', access: 'deny', color: 'red' },
@@ -52,7 +51,7 @@ export function Control() {
Default deny. Explicit allow.
</h2>
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
Agents inherit your full permissions. Greywall flips this nothing is accessible
Agents inherit your full permissions. Greywall flips this: nothing is accessible
unless explicitly granted. Filesystem, network, and commands all start closed.
</p>
</div>
@@ -80,7 +79,7 @@ export function Control() {
</div>
<p className="text-xs text-muted-foreground font-serif mt-4 leading-relaxed">
SSH keys, git hooks, shell configs, and <code className="font-mono text-[11px]">.env</code> files
are always protected even inside allowed directories.
are always protected, even inside allowed directories.
</p>
</div>
@@ -121,7 +120,7 @@ export function Control() {
</div>
</div>
<p className="text-xs text-muted-foreground font-serif leading-relaxed">
Full network namespace isolation the process can&apos;t see the host network.
Full network namespace isolation. The process can&apos;t see the host network.
Every packet hits the TUN device and routes through GreyProxy, including
binaries that ignore proxy env vars.
</p>
@@ -163,7 +162,7 @@ export function Control() {
</div>
<p className="text-xs text-muted-foreground font-serif leading-relaxed">
All outbound traffic is blocked at the kernel. Only the proxy address is
reachable GreyProxy then applies domain-level allow/deny rules.
reachable. GreyProxy then applies domain-level allow/deny rules.
</p>
</div>
)}

2
components/hero.tsx
View File

@@ -1,7 +1,7 @@
'use client'
import { useState } from 'react'
import { Copy, Check, Terminal } from 'lucide-react'
import { Copy, Check } from 'lucide-react'
export function Hero() {
const [copied, setCopied] = useState(false)

12
components/layers.tsx
View File

@@ -15,28 +15,28 @@ const linuxLayers = [
icon: Lock,
name: 'Landlock',
tag: 'Filesystem',
desc: 'Kernel-level filesystem access control. Enforces granular read/write permissions below userspace — processes cannot escalate their own access.',
desc: 'Kernel-level filesystem access control. Enforces granular read/write permissions below userspace. Processes cannot escalate their own access.',
detail: 'Linux 5.13+',
},
{
icon: ShieldCheck,
name: 'Seccomp BPF',
tag: 'Syscalls',
desc: 'Blocks 27 dangerous system calls at the kernel boundary ptrace, mount, kexec, module loading, and BPF manipulation are all denied.',
desc: 'Blocks 27+ dangerous system calls at the kernel boundary. ptrace, mount, kexec, module loading, and BPF manipulation are all denied.',
detail: 'Linux 3.5+',
},
{
icon: Eye,
name: 'eBPF Monitoring',
tag: 'Visibility',
desc: 'Traces syscall exits in real time across all layers. Every permission denial is captured instantly with full context process, path, and reason.',
desc: 'Traces syscall exits in real time across all layers. Every permission denial is captured instantly with full context: process, path, and reason.',
detail: 'Linux 4.15+',
},
{
icon: Wifi,
name: 'TUN + SOCKS5 Proxy',
tag: 'Network',
desc: 'Transparent network capture at the kernel level via TUN device. All TCP/UDP traffic is routed through the proxy even binaries that ignore env vars.',
desc: 'Transparent network capture at the kernel level via TUN device. All TCP/UDP traffic is routed through the proxy, even binaries that ignore env vars.',
detail: 'Any kernel',
},
]
@@ -99,7 +99,7 @@ export function Layers() {
</h2>
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
{platform === 'linux'
? 'Each layer operates independently. A bug in one is caught by another. No single point of failure — every constraint is enforced at the kernel level.'
? 'Each layer operates independently. A bug in one is caught by another. No single point of failure. Every constraint is enforced at the kernel level.'
: 'macOS Seatbelt enforces deny-by-default policies before any syscall completes. The sandbox profile is generated per-session with rules tailored to your project.'}
</p>
</div>
@@ -152,7 +152,7 @@ export function Layers() {
) : (
<>
<span className="text-primary font-medium">No dependencies.</span>{' '}
macOS sandboxing uses only built-in OS capabilities no packages to install.
macOS sandboxing uses only built-in OS capabilities. No packages to install.
Run{' '}
<code className="font-mono text-xs text-foreground bg-card/50 px-1.5 py-0.5 rounded">
greywall check

96
components/observability.tsx
View File

@@ -1,4 +1,4 @@
import { Eye, Activity, ShieldQuestion, Zap } from 'lucide-react'
import { Eye } from 'lucide-react'
export function Observability() {
return (
@@ -12,108 +12,34 @@ export function Observability() {
</span>
</div>
<h2 className="font-serif text-3xl sm:text-4xl font-semibold tracking-tight mb-4">
Watch it reach. Then decide.
See every network connection.
</h2>
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
You can&apos;t predict what your agent will access. Greywall makes every filesystem
operation and network connection visible in real time so you make informed decisions
instead of guessing policies upfront.
You can&apos;t predict which domains your agent will reach for. GreyProxy captures
every outbound connection and lets you allow or deny them in real time, without
restarting the session.
</p>
</div>
<div className="grid grid-cols-1 md:grid-cols-2 gap-6 items-stretch">
{/* Monitor mode */}
<div className="flex flex-col gap-4">
<div className="flex items-center gap-3">
<div className="flex items-center justify-center w-8 h-8 rounded-md bg-primary/10 text-primary">
<Activity className="h-4 w-4" />
</div>
<h3 className="font-sans font-semibold text-sm">Real-time violation monitor</h3>
</div>
<div className="code-block p-4 flex-1">
<div className="text-xs text-muted-foreground mb-3 font-sans uppercase tracking-wider">
Live violation stream
</div>
<div className="space-y-1.5 font-mono text-xs">
<div>
<span className="text-muted-foreground">$ </span>
<span className="text-greyhaven-offwhite">greywall -m -- claude</span>
</div>
<div className="mt-2 text-muted-foreground">
[14:23:01] <span className="text-red-400/80">DENY</span>{' '}
<span className="text-greyhaven-offwhite">read</span>{' '}
~/.ssh/id_ed25519
</div>
<div className="text-muted-foreground">
[14:23:01] <span className="text-red-400/80">DENY</span>{' '}
<span className="text-greyhaven-offwhite">read</span>{' '}
~/.aws/credentials
</div>
<div className="text-muted-foreground">
[14:23:02] <span className="text-red-400/80">DENY</span>{' '}
<span className="text-greyhaven-offwhite">write</span>{' '}
~/.bashrc
</div>
<div className="text-muted-foreground">
[14:23:03] <span className="text-green-400/70">ALLOW</span>{' '}
<span className="text-greyhaven-offwhite">read</span>{' '}
./src/index.ts
</div>
<div className="text-muted-foreground">
[14:23:03] <span className="text-green-400/70">ALLOW</span>{' '}
<span className="text-greyhaven-offwhite">write</span>{' '}
./src/utils.ts
</div>
</div>
</div>
</div>
{/* GreyProxy screenshot */}
<div className="flex flex-col gap-4">
<div className="flex items-center gap-3">
<div className="mx-auto max-w-3xl">
<div className="flex items-center gap-3 mb-4">
<div className="flex items-center justify-center w-8 h-8 rounded-md bg-primary/10 text-primary">
<Eye className="h-4 w-4" />
</div>
<h3 className="font-sans font-semibold text-sm">GreyProxy dashboard</h3>
</div>
<div className="rounded-lg border border-border/40 overflow-hidden flex-1 flex items-center bg-card/30">
<div className="rounded-lg border border-border/40 overflow-hidden bg-card/30">
<img
src="/greyproxy.png"
alt="GreyProxy dashboard showing pending network requests with Allow and Deny controls"
className="w-full h-auto"
/>
</div>
</div>
</div>
{/* Value props */}
<div className="mt-8 grid grid-cols-1 md:grid-cols-3 gap-4">
<div className="p-5 rounded-lg border border-border/40 bg-card/30">
<ShieldQuestion className="h-4 w-4 text-primary mb-3" />
<h4 className="font-sans font-medium text-sm mb-1">Answer hard questions</h4>
<p className="text-xs text-muted-foreground font-serif leading-relaxed">
What did the agent see? What did it access? What was denied? Greywall makes these
questions answerable for any session, at any time, after the fact.
<p className="text-xs text-muted-foreground font-serif leading-relaxed mt-4">
Every outbound request is visible. Allow trusted domains, block unknown ones,
and adjust policies live as your agent works.
</p>
</div>
<div className="p-5 rounded-lg border border-border/40 bg-card/30">
<Zap className="h-4 w-4 text-primary mb-3" />
<h4 className="font-sans font-medium text-sm mb-1">Move faster, safely</h4>
<p className="text-xs text-muted-foreground font-serif leading-relaxed">
Once you can see what agents do and control it without breaking flow, you stop
hesitating. Longer autonomous runs, more sub-agents, faster iteration on sensitive
workloads.
</p>
</div>
<div className="p-5 rounded-lg border border-border/40 bg-card/30">
<Activity className="h-4 w-4 text-primary mb-3" />
<h4 className="font-sans font-medium text-sm mb-1">Operate, don&apos;t hope</h4>
<p className="text-xs text-muted-foreground font-serif leading-relaxed">
Observability is the difference between operating AI and hoping AI operates.
Security becomes an enabler of velocity, not a constraint on it.
</p>
</div>
</div>
</div>
</section>
)

14
components/problem.tsx
View File

@@ -1,4 +1,4 @@
import { AlertTriangle, KeyRound, Globe, FolderOpen, FileCode } from 'lucide-react'
import { AlertTriangle, KeyRound, FolderOpen, FileCode } from 'lucide-react'
const exposures = [
{
@@ -7,12 +7,6 @@ const exposures = [
label: 'SSH keys',
desc: 'Private keys, known hosts, agent configs',
},
{
icon: Globe,
path: '~/.aws/',
label: 'Cloud credentials',
desc: 'AWS tokens, GCP configs, Azure secrets',
},
{
icon: FileCode,
path: '.env',
@@ -43,12 +37,12 @@ export function Problem() {
</h2>
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
AI coding agents run as your user. They see your SSH keys, cloud tokens, env files, and
entire home directory. The model decides what to access at runtime guided by weights
entire home directory. The model decides what to access at runtime, guided by weights
you didn&apos;t train, at machine speed. One wrong inference is all it takes.
</p>
</div>
<div className="grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-4 gap-4">
<div className="grid grid-cols-1 sm:grid-cols-3 gap-4">
{exposures.map((item) => (
<div
key={item.path}
@@ -63,7 +57,7 @@ export function Problem() {
<div className="mt-10 p-5 rounded-lg border border-border/30 bg-card/20">
<p className="text-sm text-muted-foreground font-serif leading-relaxed">
<span className="text-foreground font-medium">Most setups rely on promises</span>
<span className="text-foreground font-medium">Most setups rely on promises:</span>{' '}
trust the model provider&apos;s policies, trust the application code, trust that the
agent respects boundaries. Greywall replaces trust with enforcement. Constraints are
applied at the kernel level, below anything the agent or model can circumvent.