Skip to content
View fleet-watcher's full-sized avatar
4 followers · 1 following

Block or report fleet-watcher

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
fleet-watcher/README.md

Fleet Watcher

Open-source synchronous control plane that inline-blocks AI agents before privileged actions land. MIT, framework-agnostic, self-hostable.

  • Bankr SDK: fleet-watcher-bankr-guard — drop-in middleware that preflights every Bankr wallet action against a prompt-injection / phishing / drain firewall.
  • License: MIT

What it does

Fleet Watcher sits in front of any LLM agent that can sign transactions, send funds, write to memory, or call privileged APIs. Every proposed action is inspected synchronously; the call only proceeds if the verdict is ALLOW. Blocked actions are logged with evidence so operators can prove what their agent was about to do.

Built-in checks:

  • Prompt-injection firewall — pattern library tuned for known agent-takeover phrases.
  • Drainer feed — merged scam-sniffer + MEW darklist (~3k addresses), 6h refresh.
  • Unlimited-approval & permit/EIP-712 detection — flags max-uint approvals and off-chain signatures that would drain a wallet.
  • Intent mismatch — compares the user prompt to the proposed on-chain action.

Repo layout

artifacts/api-server/        Express 5 control-plane API
artifacts/fleet-watcher/     Public dashboard (React + Vite + wouter)
lib/bankr-guard/             Public npm SDK (fleet-watcher-bankr-guard)
lib/db/                      Drizzle schema (Postgres)
threat_model.md              STRIDE threat model
OUTREACH.md                  Upstream coordination notes

API

POST {your-fleet-watcher-host}/api/bankr-guard/inspect

Unauthenticated, read-only. Rate limit: 600 req/min global + 30 req/min per distinct payload fingerprint, 16 KB body cap. Only BLOCK verdicts are persisted.

See lib/bankr-guard/README.md for the SDK quickstart.

Self-host

pnpm install
pnpm --filter @workspace/db run push          # apply schema to your Postgres
pnpm --filter @workspace/api-server run dev   # API on port 5000
pnpm --filter @workspace/fleet-watcher run dev

Required env: DATABASE_URL, SESSION_SECRET.

License

MIT. See LICENSE.

Popular repositories Loading

  1. goblin-rush goblin-rush Public

    On-chain tower defense on Base. Own your towers. Earn $GOBS from kills. Hire an AI agent to play 24/7.

  2. stackr stackr Public

    FIRE-inspired token launchpad on Base mainnet

    TypeScript

  3. Megalaunchpad Megalaunchpad Public

  4. aeon aeon Public template

    Forked from aaronjmars/aeon

    The most autonomous agent framework. No approval loops. No babysitting. Configure once, forget forever.

    TypeScript

  5. skills skills Public

    Forked from BankrBot/skills

    Bankr Skills equip builders with plug-and-play tools to build more powerful agents.

    Shell

  6. fleet-watcher fleet-watcher Public

    Open-source synchronous control plane that inline-blocks AI agents before privileged actions. Bankr wallet drain protection + drop-in SDK.

    TypeScript