feat: better messaging

Nik L
2026-04-02 15:36:34 -04:00
parent 3fd6d63fa3
commit 8ec166590d
6 changed files with 27 additions and 26 deletions

View File

@@ -20,7 +20,7 @@ export const metadata: Metadata = {
metadataBase: new URL('https://greywall.io'),
title: 'Greywall: Sandbox for AI Agents',
description:
'Frictionless, default-deny sandboxing with real-time observability for AI agents on Linux and macOS. One command, nothing to configure. Open source.',
'Frictionless sandboxing with real-time observability for AI agents on Linux and macOS. One command, nothing to configure. Open source.',
icons: {
icon: [
{ url: '/icon.svg', type: 'image/svg+xml' },
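Review bot: The new `description` string drops "default-deny" without putting anything in its place, so the page metadata no longer says what the sandbox's starting posture is. Other strings in this commit swap the jargon for a plain-language equivalent ("nothing is accessible unless you explicitly allow it", "blocks everything unless explicitly allowed"); using a short form of that here would keep the claim, for example "Frictionless sandboxing that blocks everything unless allowed, with real-time observability ...".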
@@ -31,7 +31,7 @@ export const metadata: Metadata = {
},
openGraph: {
title: 'Greywall: Sandbox for AI Agents',
description: 'Frictionless, default-deny sandboxing with real-time observability for AI agents. One command, nothing to configure.',
description: 'Frictionless sandboxing with real-time observability for AI agents. One command, nothing to configure.',
url: 'https://greywall.io',
siteName: 'Greywall',
type: 'website',
@@ -40,7 +40,7 @@ export const metadata: Metadata = {
twitter: {
card: 'summary_large_image',
title: 'Greywall: Sandbox for AI Agents',
description: 'Frictionless, default-deny sandboxing with real-time observability for AI agents. One command, nothing to configure.',
description: 'Frictionless sandboxing with real-time observability for AI agents. One command, nothing to configure.',
images: ['/og-image.png'],
},
alternates: {
@@ -71,7 +71,7 @@ const jsonLd = {
'@id': 'https://greywall.io/#software',
name: 'Greywall',
description:
'Frictionless, default-deny sandboxing with real-time observability and dynamic controls for AI agents on Linux and macOS.',
'Frictionless sandboxing with real-time observability and dynamic controls for AI agents on Linux and macOS.',
applicationCategory: 'SecurityApplication',
operatingSystem: 'Linux, macOS',
url: 'https://greywall.io',

View File

@@ -48,11 +48,11 @@ export function Control() {
</span>
</div>
<h2 className="font-serif text-3xl sm:text-4xl font-semibold tracking-tight mb-4">
Default deny. Explicit allow.
Nothing is allowed unless you say so.
</h2>
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
Agents inherit your full permissions. Greywall flips this: nothing is accessible
unless explicitly granted. Filesystem, network, and commands all start closed.
Greywall gives teams and AI agents the freedom to operate within precise security
boundaries.
</p>
</div>
<PlatformToggle />
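Review bot: The replacement paragraph under the new `<h2>` removes the only sentence in this section that says what actually starts closed ("Filesystem, network, and commands all start closed") and the reason for it ("Agents inherit your full permissions"), and what replaces them ("freedom to operate within precise security boundaries") makes no checkable claim. The heading "Nothing is allowed unless you say so." also needs squaring with "One command, nothing to configure" in the metadata and with the FAQ line "The agent can read and write your project files": if project access is a built-in grant, say so here. Suggest keeping the "all start closed" sentence after the new heading.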
@@ -121,7 +121,7 @@ export function Control() {
</div>
<p className="text-xs text-muted-foreground font-serif leading-relaxed">
Full network namespace isolation. The process can&apos;t see the host network.
Every packet hits the TUN device and routes through GreyProxy, including
Every packet hits the TUN device and routes through Greywall, including
binaries that ignore proxy env vars.
</p>
</div>
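Review bot: In the TUN paragraph, "routes through Greywall" no longer names the component that receives the traffic, since Greywall is also the tool that sets up the namespace and the TUN device in the same sentence. The feature list changed in this commit already uses "Greywall's proxy"; the same wording here ("routes through Greywall's proxy, including binaries that ignore proxy env vars") keeps the data path readable.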
@@ -162,7 +162,7 @@ export function Control() {
</div>
<p className="text-xs text-muted-foreground font-serif leading-relaxed">
All outbound traffic is blocked at the kernel. Only the proxy address is
reachable. GreyProxy then applies domain-level allow/deny rules.
reachable. Greywall then applies domain-level allow/deny rules.
</p>
</div>
)}

View File

@@ -7,12 +7,12 @@ const faqs = [
{
question: 'What is Greywall?',
answer:
'Greywall is a command-line tool that sandboxes AI coding agents. You wrap your agent in it — <code>greywall -- claude</code> — and it enforces a default-deny security policy at the kernel level. The agent can read and write your project files, but it cannot touch your SSH keys, read your .env, or make network calls you haven\'t approved. It works on Linux and macOS, requires no containers, and is open source under the Apache 2.0 license. The basic promise is modest: your AI assistant should not have more access to your computer than you would give a stranger at a coffee shop.',
'Greywall is a command-line tool that sandboxes AI coding agents. You wrap your agent in it — <code>greywall -- claude</code> — and nothing is accessible unless you explicitly allow it. The agent can read and write your project files, but it cannot touch your SSH keys, read your .env, or make network calls you haven\'t approved. It works on Linux and macOS, requires no containers, and is open source under the Apache 2.0 license. The basic promise is modest: your AI assistant should not have more access to your computer than you would give a stranger at a coffee shop.',
},
{
question: 'How do I sandbox my AI coding agent?',
answer:
'Install Greywall, then prefix your command: <code>greywall -- claude</code>, <code>greywall -- opencode</code>, or any other CLI agent. That is the whole process. Greywall operates at the OS level, so it does not need plugins, extensions, or agent-specific configuration. The agent launches inside a kernel-enforced sandbox and runs normally — it just cannot reach things you have not explicitly allowed. If you want to see what the agent is trying to access, open the GreyProxy dashboard.',
'Install Greywall, then prefix your command: <code>greywall -- claude</code>, <code>greywall -- opencode</code>, or any other CLI agent. That is the whole process. Greywall operates at the OS level, so it does not need plugins, extensions, or agent-specific configuration. The agent launches inside a kernel-enforced sandbox and runs normally — it just cannot reach things you have not explicitly allowed. If you want to see what the agent is trying to access, open the Greywall dashboard.',
},
{
question: 'How is Greywall different from running agents in Docker?',
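Review bot: In the "What is Greywall?" answer, the new clause "nothing is accessible unless you explicitly allow it" is followed directly by "The agent can read and write your project files", which reads as a contradiction unless the project directory is described as a built-in grant. The rewrite also drops "at the kernel level" from this answer, so the enforcement point is only stated in the next answer ("kernel-enforced sandbox"). Suggest something like "nothing outside what you allow is accessible, enforced by the kernel" and stating how project access is granted.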
@@ -22,7 +22,7 @@ const faqs = [
{
question: 'Does Greywall work on macOS?',
answer:
'Yes. On macOS, Greywall uses Seatbelt — Apple\'s built-in kernel sandbox, the same one that constrains App Store applications. It generates a deny-by-default sandbox profile for each session, covering filesystem access, network connections, and IPC. Network traffic is routed through GreyProxy via environment variables. On Linux, there are more layers available (Bubblewrap, Landlock, Seccomp BPF, eBPF, and a TUN device for network capture), but the macOS implementation provides strong isolation using only built-in OS capabilities. No additional packages required.',
'Yes. On macOS, Greywall uses Seatbelt — Apple\'s built-in kernel sandbox, the same one that constrains App Store applications. It generates a sandbox profile for each session that blocks everything unless explicitly allowed, covering filesystem access, network connections, and IPC. Network traffic is routed through Greywall via environment variables. On Linux, there are more layers available (Bubblewrap, Landlock, Seccomp BPF, eBPF, and a TUN device for network capture), but the macOS implementation provides strong isolation using only built-in OS capabilities. No additional packages required.',
},
{
question: 'Is Greywall open source?',

View File

@@ -46,7 +46,7 @@ const macosLayers = [
icon: Shield,
name: 'Seatbelt Sandbox',
tag: 'Core',
desc: 'macOS kernel sandbox with dynamically generated profiles. Default-deny policy with explicit allowlists for filesystem, network, IPC, and process operations.',
desc: 'macOS kernel sandbox with dynamically generated profiles. Explicit allowlists for filesystem, network, IPC, and process operations.',
detail: 'macOS native',
},
{
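Review bot: The new `desc` for the Seatbelt layer removes "Default-deny policy with" and leaves "Explicit allowlists for filesystem, network, IPC, and process operations." as a fragment that no longer says what happens to anything not on the list. An allowlist only describes a security property when the default is stated; the neighbouring copy in this commit uses "blocks everything unless explicitly allowed", which would fit here as well.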
@@ -93,7 +93,7 @@ export function Layers() {
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
{platform === 'linux'
? 'Each layer operates independently. A bug in one is caught by another. No single point of failure. Every constraint is enforced at the kernel level.'
: 'macOS Seatbelt enforces deny-by-default policies before any syscall completes. The sandbox profile is generated per-session with rules tailored to your project.'}
: 'macOS Seatbelt blocks everything unless explicitly allowed, before any syscall completes. The sandbox profile is generated per-session with rules tailored to your project.'}
</p>
</div>
<PlatformToggle />
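Review bot: Style point on the macOS string: in "blocks everything unless explicitly allowed, before any syscall completes", the trailing clause can attach to either "blocks" or "allowed". Reordering avoids the ambiguity, for example "macOS Seatbelt checks each operation before the syscall completes and blocks anything not explicitly allowed."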

View File

@@ -8,27 +8,27 @@ const slides = [
{
label: 'Dashboard',
src: '/dashboard.png',
alt: 'GreyProxy dashboard showing total requests, allowed, blocked, and allow rate stats',
alt: 'Greywall dashboard showing total requests, allowed, blocked, and allow rate stats',
},
{
label: 'Pending',
src: '/pending_requests.png',
alt: 'GreyProxy pending network requests with Allow and Deny controls for each domain',
alt: 'Greywall pending network requests with Allow and Deny controls for each domain',
},
{
label: 'Rules',
src: '/rules.png',
alt: 'GreyProxy domain rules configuration showing allow and deny policies per source',
alt: 'Greywall domain rules configuration showing allow and deny policies per source',
},
{
label: 'Activity',
src: '/activity.png',
alt: 'GreyProxy activity log showing real-time TCP connections with status, source, destination, and duration',
alt: 'Greywall activity log showing real-time TCP connections with status, source, destination, and duration',
},
{
label: 'Conversations',
src: '/conversations.png',
alt: 'GreyProxy conversations view showing agent interactions with tool calls and results',
alt: 'Greywall conversations view showing agent interactions with tool calls and results',
},
]
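Review bot: The five `alt` strings are renamed from GreyProxy to Greywall while every `src` stays the same, so the screenshots themselves are not updated by this commit. If the images still show GreyProxy in the UI, the alt text will no longer describe what is pictured; please confirm the screenshots match, or keep the product name visible in the image in the alt text.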
@@ -82,12 +82,13 @@ export function Observability() {
</span>
</div>
<h2 className="font-serif text-3xl sm:text-4xl font-semibold tracking-tight mb-4">
See every network connection.
See every file access and network connection.
</h2>
<p className="text-muted-foreground font-serif text-lg leading-relaxed">
You can&apos;t predict which domains your agent will reach for. GreyProxy captures
every outbound connection and lets you allow or deny them in real time, without
restarting the session.
You can&apos;t predict which files your agent will read or which domains it will reach
for. Greywall learns what the agent needs on your filesystem automatically and
captures every outbound connection, letting you adjust policies in real time
without restarting the session.
</p>
</div>
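Review bot: The new heading promises "See every file access", but the paragraph beneath it only says Greywall "learns what the agent needs on your filesystem automatically", and the `slides` array in this file lists Dashboard, Pending, Rules, Activity (TCP connections) and Conversations, none of which is described as a file-access view. Either point to where file accesses are shown or narrow the heading. "Learns ... automatically" also needs reconciling with the "Nothing is allowed unless you say so." heading introduced elsewhere in this commit, since it implies grants the user did not write.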

View File

@@ -1,12 +1,12 @@
# Greywall
> Frictionless, default-deny sandboxing with real-time observability for AI agents on Linux and macOS.
> Frictionless sandboxing with real-time observability for AI agents on Linux and macOS.
Greywall is an open-source CLI tool that wraps any AI agent (Claude Code, Codex, Cursor, Aider, and others) in a kernel-enforced sandbox. It uses five security layers on Linux (Bubblewrap namespaces, Landlock filesystem, Seccomp BPF syscall filtering, eBPF monitoring, and TUN+SOCKS5 network proxy) and four on macOS (Seatbelt sandbox, filesystem policy, log stream monitor, and proxy-based network control). Default-deny policy means nothing is accessible unless explicitly granted. Built by Greyhaven, licensed Apache 2.0.
Greywall is an open-source CLI tool that wraps any AI agent (Claude Code, Codex, Cursor, Aider, and others) in a kernel-enforced sandbox. It uses five security layers on Linux (Bubblewrap namespaces, Landlock filesystem, Seccomp BPF syscall filtering, eBPF monitoring, and TUN+SOCKS5 network proxy) and four on macOS (Seatbelt sandbox, filesystem policy, log stream monitor, and proxy-based network control). Built by Greyhaven, licensed Apache 2.0.
## Key Features
- Filesystem isolation (kernel-enforced read/write/deny per path)
- Network isolation (all traffic routed through GreyProxy)
- Network isolation (all traffic routed through Greywall's proxy)
- Command blocking (detects blocked commands in pipes, chains, nested shells)
- Real-time violation monitoring (every denial captured with full context)
- Learning mode (auto-generates least-privilege templates from observed access)
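Review bot: The summary paragraph loses "Default-deny policy means nothing is accessible unless explicitly granted." with no replacement, and the tagline above it drops the term too, so this file no longer states the default posture anywhere; the feature list only implies it ("read/write/deny per path"). Since this is the plain-text summary of the project, suggest keeping the plain-language half of the removed sentence, "Nothing is accessible unless explicitly granted."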