AgentShield AI Agent Detection & Response (AADR) — real-time security monitoring with Sigma rules and LLM-powered triage. What is AgentShield? AgentShield is a Go security engine that monitors AI agent tool calls in real-time. It evaluates each call against Sigma security rules and optionally routes suspicious events through LLM triage for context-aware verdicts. It runs as a single binary with no external runtime dependencies. Architecture Single Go binary ( ) containing: - HTTP server (Chi router, by default) - Sigma rule engine (forked sigmalite in ) - SQLite alert/feedback store - LLM tri…