VibeDefend Just Shipped. Your AI Agent Has New Rules, Installed in 5 Seconds.

@cybedefend/[email protected] landed on npm yesterday. It is a single npx line that auto-detects every coding agent on your laptop and wires them into the CybeDefend governance layer. No yaml. No deploy. No container to build. No SaaS endpoint to whitelist. Run it, pick your region, pick your agents, and your next prompt is already governed.

This post explains what the package does, why it ships now, and how to get from npm to a protected prompt in under sixty seconds.

The control point moved. Almost nobody noticed.

For fifteen years, AppSec lived inside the pull request. SAST scanned the diff. SCA checked the dependencies. The reviewer read the change. Three layers, all aligned on the same artefact: the PR.

That model assumes one essential thing: that a human reads the diff before it merges. It works at human cadence. It does not work at agent cadence.

When a single developer's Claude Code session ships 2,000 lines of code in an afternoon, the PR-review loop fractures. Some teams just merge. Other teams batch the agent's output into one giant PR that no human actually reads end-to-end. Either way, the diff has stopped being a control point. It is now a transcript.

The new control point is the prompt itself. Whatever rules you want to enforce, you have to put them in the agent's hands before it writes the offending line, not after, in a scanner that arrives once the code is already on disk and the agent has moved on.

That is the entire thesis behind VibeDefend, and it is what shipped yesterday.

What just shipped

VibeDefend is a Node CLI distributed as @cybedefend/vibedefend on npm. It does one thing: it installs the bridge between your coding agent and CybeDefend's governance backend. That bridge has three layers: business rules mined from your repo, security rules from the canonical compliance frameworks, and action guards that block dangerous calls before they fire.

The installer is a single line.

npx -y @cybedefend/vibedefend@latest install

That is the whole interface. The installer is interactive: it auto-detects which of Claude Code, Cursor, OpenAI Codex, Windsurf and VS Code Copilot live on your machine, asks for your region (EU or US), and writes the MCP wiring, the rule hooks and the doctrine files into the right places.

npx -y @cybedefend/vibedefend@latest installPick EU or USConfirm detected agentsOpen Claude Code

Node 18.17 is the only requirement. Most readers already have it because Claude Code, Cursor and Codex ship with a bundled Node anyway. Works on macOS, Linux and Windows; bash, zsh, fish, PowerShell, cmd and Git Bash all behave identically.

Three layers of governance, one install

Once VibeDefend is wired, three independent layers start watching the agent. Each layer handles a different threat surface, and each speaks a different shape of rule.

The point of separating them is that they fail in different ways. A business rule slipping is a quality bug: your code drifts from convention, your team's mental model gets harder to share. A security rule slipping is a compliance bug: you ship something that fails a SOC 2 control. An Action Guard miss is a now bug: the agent just ran something destructive on the machine it had access to. VibeDefend handles all three from the same install.

A concrete pass

Three minutes after install, your Claude Code session looks something like this.

You ask the agent to add a discount-code feature to the checkout. The agent edits cart-checkout.ts. Before the edit lands, VibeDefend pushes the mined rule no-raw-amount-math from src/billing.ts:14 into the context: "Monetary amounts MUST use Decimal128, never Number." The agent applies it on the very first write (total = new Decimal128(cart.sum)) without you having to say a word.

A minute later you ask it to filter the user-search by email. The agent starts to draft db.query("SELECT * FROM users WHERE email = '" + email + "'"). VibeDefend matches owasp-a03-injection (severity: high) before the line is finished and the agent rewrites with a parameterised query. Again, you said nothing.

Later, while debugging an environment issue, the agent confidently proposes sudo rm -rf /etc/old-config. Action Guard blocks it with no-destructive-sudo (severity critical, default-on, cannot be disabled) and the event lands in your CybeDefend audit trail with a timestamp and a reason. The agent gets a friendly refusal; you get a log entry; nothing breaks.

None of these turns were policed by a scanner reading the merged diff. All three were policed at the prompt, by a tool that already had the right rule in hand.

Five agents, auto-detected

The installer covers the five coding agents that hold most of the working market in 2026: Claude Code, Cursor, OpenAI Codex, Windsurf and VS Code Copilot. It detects which ones are installed on your machine and only wires the ones you keep ticked. Re-run the installer any time to toggle an agent on or off; it is idempotent.

The five agents do not expose the same hook surface, so the coverage of each layer differs a little. Claude Code, Cursor and Codex have the deepest integration. Windsurf supports the write-side guards plus a smart fallback for non-write tools. VS Code Copilot ships MCP and the rule layers; Action Guards are still pending on GitHub's side. Re-running the installer pulls in any agent that ships new hook surfaces between releases.

The walkthrough: from signup to a governed prompt

The fastest credible path from "I saw a tweet about this" to "my agent is governed" is about sixty seconds.

Create a CybeDefend account on eu.cybedefend.comCopy the project UUID from the dashboardnpx -y @cybedefend/vibedefend@latest installDrop .cybedefend/config.json in the repoOpen Claude Code, prompt as usual

The dashboard lives at eu.cybedefend.com or us.cybedefend.com depending on your region; you pick when you sign up. The free tier exists, no card needed, and includes everything you need to try the three layers end-to-end. The UUID is on the project page once you create one. The .cybedefend/config.json is a single-line JSON file you drop at the root of every repo you want monitored:

{ "projectId": "<your-cybedefend-project-uuid>" }

That is the whole onboarding. No SDK to vendor, no Docker image to maintain, no policy DSL to learn. The agent picks up the wiring on the next session start.

Privacy: nothing about your code crosses the wire

VibeDefend lives on your laptop, next to your agent. The decisions (whether a rule fires, whether an action is blocked, whether a mined pattern is worth proposing) happen locally. Only structured governance metadata reaches the CybeDefend backend: the name of the rule that fired, the file path it pointed at, the severity, a timestamp, the agent that called.

No source code crosses the wire. No prompt contents cross the wire. The mined business rules are produced locally and shipped to the platform as one-line natural-language statements with a file reference; the body of the file is never transmitted. The audit trail sees the rule, never the line of code that matched it.

EU and US tenants are physically separate. Pick the region at install time; the audit trail sits in the tenant that matches. No replication, no cross-region path. If you need both, you create two projects.

Pricing: included on every plan, free tier included

VibeDefend is included on every CybeDefend plan, the free tier included. The npm package is free, BUSL-1.1 licensed, and converts to Apache-2.0 on 2030-05-25. The paid plans on the platform side unlock historical audit trail retention, multi-team rule management and the org-level dashboards.

The intent is simple: the friction to put governance inside the agent should be zero. The friction to scale it across an org is where the commercial relationship begins.

What this changes

For ten years AppSec sold scanners that arrived after the code was written. That made sense when humans wrote the code, because humans usually slow down before they merge. That model now lags the workflow by an order of magnitude. The agent ships faster than the scanner cycle, the reviewer reads less than the agent produces, the diff is no longer the gate it once was.

The control point moved to the prompt. The question for every team in 2026 is whether their AppSec stack moved with it, or whether they are still funding tools that police a stage of the pipeline that no longer matters as much.

VibeDefend is the answer we just shipped. It is not the only one possible, and it will not be the last shape the category takes. But it is the first thing we have seen that you can install in 5 seconds, that runs on your laptop, that speaks every major coding agent, and that gives you all three governance layers in one go. That is the bar from now on.

The full package is at npmjs.com/package/@cybedefend/vibedefend. The README and the support matrix live on GitHub. The product page is at cybedefend.com/vibedefend. The platform is at eu.cybedefend.com and us.cybedefend.com.

Ship a feature this afternoon. See your business rules land in the agent's context. Tell us what we missed.