Built in Alexandria, Egypt  |  121 Active Governance Controls  |  Claude Code & MCP Ready  |  Pre-Execution Policy Enforcement  |  Banking โ€ข FinTech โ€ข Sovereign DPI
v4.0.0-rc1 ยท Sentinel Engine v4.0.0 โ€” Online
Telegram Bot โ€” Online
121 Active Governance Controls ยท 64 Core ยท 29 Solana ยท 10 EVM ยท 8 Banking ยท 10 MENA
596/596 tests Passing
RC Now Available
๐ŸŸข RC Now Available โ€” Pre-Execution Runtime Governance

Pre-Execution Runtime Governance for Claude Code, MCP & Enterprise AI

TEOS Sovereign Sentinel is a pre-execution runtime governance layer for Claude Code, MCP servers, and enterprise AI systems โ€” blocking threats before they execute. No post-hoc analysis. No probabilistic guessing. 121 Active Governance Controls (64 Core ยท 29 Solana ยท 10 EVM ยท 8 Banking ยท 10 MENA). 4 verdicts. 6 engines. Built for regulated environments. Zero guessing.

๐ŸŸข Join Release Candidate โ†’ ๐“‚€ See It Work โ†’ What's New in v4.0.0-rc1

RC Now Available ยท Limited testers ยท teostech.online

121
Active Governance Controls
Expanded
596
Passing Tests
Verified
4
Verdicts
Block ยท Warn ยท Review ยท Allow
6
Scan Engines
All Active
๐ŸŽฅ Product Demo

See TEOS in Action

Watch how the governance engine evaluates AI actions before execution, applies deterministic governance controls, and generates runtime decisions.

Runtime governance ยท 121 controls ยท 4 verdicts ยท 596 total tests

Live Decision Playground

Try TEOS Right Now

No Telegram. No setup. Pick a scenario, edit the code, and watch the governance engine evaluate it in real time.

โšก

9 Predefined Scenarios

Banking transactions, Solana programs, Solidity contracts, supply chain risks, prompt injection, and more.

๐Ÿ”

Live API Integration

Every evaluation runs against the live TEOS risk engine. Real verdicts, real findings, real signals.

๐Ÿ“Š

Full Verdict Display

Verdict badge, risk score, triggered controls, heuristic signals, reasoning, findings table, JSON export.

โšก Open Live Decision Playground โ†’

No credits consumed ยท All evaluations against the live engine ยท v4.0.0-rc1 (Engine v4.0.0)

4 Verdicts

Every threat gets
a definitive answer.

Deterministic. Same input, same output, every time. No probabilistic scoring. No black boxes.

๐Ÿ›‘
Block

Deterministic rule matched with high confidence. Execution prevented immediately. Credit not consumed.

Triggers: wiper patterns, injection, privilege escalation, known malware
โš ๏ธ
Warn

Risky pattern detected. Execution flagged for review. Human confirmation recommended before proceeding.

Triggers: destructive SQL, elevated permissions, suspicious packages
๐Ÿ”ต
Review

New in v4.0.0-rc1. Heuristic suspicion score 60โ€“100 but no deterministic rule fired. Human review required.

Triggers: unknown patterns, suspicious context, heuristic flags
โœ…
Allow

No threat patterns detected. Heuristic score below threshold. Safe to execute. Logged to audit trail.

Triggers: clean code, standard commands, validated operations
Live Demo

Three commands.
Three verdicts. Instant.

Every scan returns a risk score, a rule ID, and a human-readable explanation. No dashboards. No config.

Blocked
โ€บ /scan rm -rf /
analyzing...
 
๐Ÿ›‘ BLOCK โ€” 100/100
Rule: R01.DESTRUCTIVE_SHELL
โ†ณ Wiper pattern. Permanent filesystem destruction.
โ†ณ Execution prevented. Credit not consumed.
BLOCKR01 ยท score 100
Review โ€” New in v4
โ€บ /scan curl api.unknown.io/run
analyzing...
 
๐Ÿ”ต REVIEW โ€” 62/100
Heuristic: unknown endpoint + exec pattern
โ†ณ No rule matched. Suspicion score 62/100.
โ†ณ Human review required before execution.
REVIEWheuristic ยท score 62
Allowed
โ€บ /scan console.log("hello")
analyzing...
 
โœ… ALLOW โ€” 0/100
Rule: R00.CLEAN
โ†ณ No threat patterns detected.
โ†ณ Safe to execute. Logged to audit trail.
ALLOWR00 ยท score 0
Security Architecture

Five layers.
Zero gaps.

A layered defense where every unknown threat is captured โ€” nothing silently passes as ALLOW.

Layer 1
โš™๏ธ
Deterministic Rules

121 Active Governance Controls. Known threats blocked instantly. Same input, same verdict.

Layer 2
๐Ÿง 
Heuristic Detection

77 suspicion patterns score unknown threats 0โ€“100. Catches what rules miss.

Layer 3
๐Ÿ”ต
Review Verdict

Score โ‰ฅ60 with no rule match โ†’ human review required. Nothing silently allowed.

Layer 4
๐Ÿ“‹
Audit Trail Logger

SHA-256 chained logs. Every decision immutable. Tamper-evident. Export-ready.

Layer 5
๐Ÿ“Š
Evidence Collection

Feedback loop captures FP/FN data. Continuous improvement from real scans.

Industry Governance Modules: Banking Governance Shield ยท MENA Governance Shield ยท Web3 Governance Shield ยท AI Runtime Governance Shield
Audit Trail & Compliance

Every decision.
Immutable.

SHA-256 chained logs. Enterprise-grade accountability. Regulatory-ready audit exports.

๐Ÿ”’
Immutable Logs

SHA-256 chained. Tamper-evident. Every verdict recorded permanently.

โœ…
Full Accountability

Who scanned what, when, and what verdict was returned. Complete trace.

๐Ÿ“„
Executive Summary

PDF reports with risk overview, verdict breakdown, and recommendations.

๐Ÿ›๏ธ
Regulatory Aligned

MENA sovereign architecture. Banking governance controls, audit trail, and policy enforcement. Audit exports available.

๐Ÿข
Enterprise Grade

Dedicated deployment. Custom policy engine. Air-gap capable.

6 Scan Engines

Six engines.
One interface.

All via @teoslinker_bot on Telegram. Auto-detection routes your input to the right engine automatically.

๐Ÿ›ก๏ธ
/scan <command>
AI Command Security

Detects and prevents dangerous AI-generated commands before execution. 64 core rules covering wiper patterns, injection, privilege escalation, and secret leakage. 10 MENA governance controls (RFM/NIK) enforce regional zero-trust banking and identity verification.

Active
๐Ÿ™
/github <url>
Repository Security

Deep GitHub repository analysis for risky code patterns, hardcoded secrets, dangerous dependencies, and security misconfigurations across the entire codebase.

Active
โ—Ž
/solana <address>
Solana Security Engine

29 dedicated Solana rules. Scans SPL tokens, mint authorities, upgrade authority, freeze authority, liquidity concentration, and holder distribution.

Enhanced
โ—†
/scan-token <address>
Token Intelligence

Full token analysis: mint authorities, holder concentration, liquidity depth, and authority controls. Generates PDF reports with TOKEN OVERVIEW, OWNERSHIP, and AUTHORITY sections.

Enhanced
โฌก
/evm <code>
EVM Security Engine

10 dedicated EVM/Solidity rules. Detects reentrancy, unchecked calls, integer overflow, access control gaps, and oracle manipulation patterns.

Enhanced
โšก
Auto-Detection
Smart Auto-Routing

Paste anything โ€” code, addresses, URLs, manifests. The auto-detection engine identifies content type with 85%+ confidence and routes to the correct scanner automatically.

Active
MENA Regional Compliance

RFM / NIK Zero-Trust Framework.
Sovereign by Design.

10 dedicated rules for Central Bank digital payments and national identity verification โ€” purpose-built for MENA financial infrastructure.

โœ“
RFM-001 ยท Settlement MutationPost-signature account field reassignment detection โ€” prevents ledger manipulation after cryptographic verification.
โœ“
RFM-002 ยท Idempotency BypassDetects disabled settlement idempotency checks that could allow duplicate processing.
โœ“
RFM-003 ยท Open Banking ScopeWrite verb execution without validated consent โ€” blocks aggregation scope violations.
โœ“
RFM-004 ยท Field ReassignmentAccount target modification post-transaction signing โ€” detects settlement tampering.
โœ“
RFM-005 ยท Scope EscalationAggregation read scope escalated to write without re-authentication.
โœ“
NIK-001 ยท Stubbed VerificationDigital identity verification hard-coded to return true โ€” blocks national ID bypass.
โœ“
NIK-002 ยท Missing VerificationSignature constructed but never passed to verification logic.
โœ“
NIK-003 ยท Short-Circuited VerifyVerification OR-chained with true literal โ€” cryptographic check bypassed.
โœ“
NIK-004 ยท Flag-Based KYC BypassIdentity check skipped via environment flag without audit logging.
โœ“
NIK-005 ยท Silent Identity BypassAuth branch proceeds without identity check and lacks audit telemetry.
Banking Governance Controls Zero-Trust Settlement National ID Integrity Pre-Execution BLOCK
๐Ÿฆ

Banking & Financial Services

Deterministic governance controls for:

โ€ข Core Banking Systems
โ€ข FinTech Platforms
โ€ข Payment Infrastructure
โ€ข AML / Risk Monitoring
โ€ข Human Approval Workflows
โ€ข Audit Integrity Services
โ€ข Regulatory Reporting
โ€ข Pre-Execution Policy Enforcement
Competitive Position

A runtime AI governance & enforcement layer.

Most tools scan post-commit. TEOS is built to block before the command runs โ€” a different threat model from static code scanning.

Capability ๐“‚€ TEOS Sovereign Sentinel v4 GitGuardian Snyk Checkmarx
Pre-execution blocking โœ… Yes โŒ Post-commit โŒ Post-commit โŒ No
REVIEW verdict (human-in-loop) โœ… v4.0.0-rc1 โŒ No โŒ No โŒ No
Heuristic suspicion scoring โœ… 77 patterns โŒ No โŒ No โš ๏ธ Limited
Solana / EVM native rules โœ… 39 rules โŒ No โŒ No โŒ No
Telegram-native (zero setup) โœ… Yes โŒ No โŒ No โŒ No
AI agent native design โœ… Yes โŒ No โŒ No โŒ No
Supply chain audit โœ… All tiers โœ… Yes โœ… Yes โœ… Yes
Free tier (no signup) โœ… Release Candidate โŒ No โš ๏ธ Limited โŒ Enterprise

Frequently Asked Questions

What does TEOS scan for?

121 Active Governance Controls across 5 layers: 64 core rules (secrets, injections, malware, crypto miners, data exfiltration), 29 Solana rules (program security, account validation, authority checks), 10 EVM rules (reentrancy, flash loans, access control, oracle manipulation), 8 banking rules (CBDC ledger manipulation, SWIFT/ISO 20022, FIX protocol, front-running, reserve key leaks), and 10 MENA governance controls (RFM settlement integrity, NIK identity verification, zero-trust framework).

How do I scan code from the terminal?

Two ways: run directly (node teos.js scan <file>) or install globally (npm link then teos scan <file>). Pipe code via stdin: cat script.sh | teos scan.

Is there a desktop app?

Yes — the TEOS Desktop (Beta) is an Electron app with system tray monitoring, live health polling of all 4 Railway services, and native OS notifications for BLOCK verdicts. Launch with cd desktop && npm start.

How do I install the browser extension?

Open chrome://extensions, enable Developer mode, click “Load unpacked”, and select the extensions/browser/ folder. Scan any page or GitHub file with one click.

How do I install the VS Code extension?

From extensions/vscode/, run npx vsce package to create a .vsix file, then install via Extensions → Install from VSIX. Adds right-click TEOS scan on any file or selection.

Is my code sent to an external API?

Yes — the CLI, desktop app, and extensions send code to the TEOS risk engine for scanning. No code is stored after scanning. Self-hosted deployments available on Enterprise.

How is TEOS different from a linter?

Linters check syntax and style. TEOS checks security, supply-chain risk, Solana/EVM safety, and prompt injection — things a linter cannot detect.

What AI model commands are available?

/claude, /llama3, /qwen, and /openai — each routes your scan through a different AI model for analysis. Credit costs vary by model.

Will pricing change after the beta?

Yes. Every tier listed under "RC Price" is temporary. At General Availability, Free moves to a 25-scan/month cap, Pro becomes $49/mo, Team becomes $199/mo, and Enterprise moves from custom pilot pricing to $25K–$50K/yr. RC registrants keep a discounted rate on Pro and Team for 12 months after GA.

๐Ÿค– /help โ€” All Bot Commands

Type /help in @teoslinker_bot anytime to see this reference.

๐Ÿ” Analysis & Security
/scan <code>Scan shell commands or raw code
/scan-solana <code>Scan Solana programs
/evm <code>Scan EVM smart contracts
/solanatoken <addr>Token intelligence (5cr)
/diligence <addr>On-chain due diligence (15cr)
/fullreport <addr>Full token risk report PDF (20cr)
/deps <pkg>Dependency scan (Pro+)
/ci <wf>CI/CD audit (Team+)
๐Ÿค– AI Agent (Multi-Model)
/modelSelect active AI model
/llama3Quick-select Llama 3 8B
/qwenQuick-select Qwen 3 32B
/openaiQuick-select GPT-OSS 20B
/chat <msg>Chat with model (1-3cr)
/claude <msg>Claude + TEOS firewall (5cr)
๐Ÿ›ก๏ธ Protection & Account
/protect onEnable auto-moderation
/protect offDisable auto-moderation
/protect statusProtection status
/creditsView balance & usage
/plansSubscription tiers
/upgradeBuy credits or upgrade
/statusSystem health dashboard
/dashboardCommand Center web UI
/feedback <msg>Report issues
โœ… ALLOW โš ๏ธ WARN ๐Ÿ”ต REVIEW ๐Ÿšซ BLOCK
Desktop (Beta) โฌ‡ Download
Browser Ext โฌ‡ Download
VS Code Ext โฌ‡ Download
/help All commands
What's New

v4.0.0-rc1 โ€” The Foundation Update.

Every major gap from the v3 audit addressed. Heuristics, REVIEW verdict, Solana intelligence, and auto-detection โ€” all shipped.

โœ“
Review Verdict EngineHeuristic score โ‰ฅ60 triggers human review. Nothing silently passes as ALLOW.
โœ“
Heuristic Suspicion Engine77 patterns across 7 signal categories. Scores unknown threats 0โ€“100.
โœ“
Auto Detection Engine85%+ confidence content routing. Paste anything โ€” engine identifies and routes.
โœ“
/scan-solana CommandNew alias for Solana scanning. Faster access to 29 dedicated rules.
โœ“
Solana Token IntelligenceFull TOKEN OVERVIEW, OWNERSHIP, AUTHORITY, CONCENTRATION in PDF reports.
โœ“
Enhanced PDF ReportsProfessional executive summary. Full audit trail. Enterprise-ready format.
โœ“
Audit Trail & FeedbackImmutable SHA-256 chained logs. FP/FN feedback loop for continuous improvement.
โœ“
Beta DashboardRegistration, analytics, metrics, scan history โ€” all in the Command Center.
โœ“
Performance & StabilityToken Bucket rate limiter. Circuit Breaker. Redis cache with memory fallback.
Enterprise & Government

Sovereign Pilot Portal.
Multi-Tenant Security.

7 tenants live. Per-tenant login, activation lifecycle, 3-month pilot windows. Built for MENA sovereign deployment.

โœ“
Multi-Tenant Login Gate7 tenants: Uganda, Egypt, UAE, KSA, Qatar, US, Solana Foundation. Universal admin credentials.
โœ“
Activation LifecycleFirst-login triggers activation service. Credit ledger dormant until tenant authenticates.
โœ“
3-Month Pilot WindowsPer-country start dates with auto-expiry. Uganda (Jun 21), MENA (Jul 1), US (Aug 1).
โœ“
CORS-Free DeploymentPHP proxy on Hostinger forwards scans to Railway. No CORS issues. Zero config.
โœ“
Law Over CodeDeterministic 121 Active Governance Controls. Human-in-the-loop. No autonomous execution.
โœ“
Enterprise OutreachVerified contact database for Solana Foundation, MCIT Egypt, TDRA UAE, CST KSA, CRA Qatar, CISA US.
View Transparency Dashboard โ†’

Start free.
Block the first threat
in 60 seconds.

Open Telegram. Message @teoslinker_bot. Paste your first command. Get your verdict. No account. No credit card.

๐ŸŸข Open @teoslinker_bot โ†’ Enterprise inquiry โ†’
๐Ÿ›‘ BLOCKrm -rf / ยท R01.DESTRUCTIVE_SHELL ยท 100/100 โš ๏ธ WARNDROP TABLE users; ยท R09.SQL_INJECTION ยท 75/100 ๐Ÿ”ต REVIEWcurl https://api.unknown.io/run ยท suspicion 62/100 โœ… ALLOWconsole.log("hello") ยท R00.CLEAN ยท 0/100 ๐Ÿ›‘ BLOCKeval(atob("...")) ยท R07.BASE64_EXEC ยท 88/100 ๐Ÿ”ต REVIEWnpm install unknown-pkg@latest ยท suspicion 55/100 ๐Ÿ›‘ BLOCKchmod 777 /etc/passwd ยท R02.CHMOD_ESC ยท 90/100 โœ… ALLOWgit status ยท R00.CLEAN ยท 0/100 ๐Ÿ›‘ BLOCKrm -rf / ยท R01.DESTRUCTIVE_SHELL ยท 100/100 โš ๏ธ WARNDROP TABLE users; ยท R09.SQL_INJECTION ยท 75/100 ๐Ÿ”ต REVIEWcurl https://api.unknown.io/run ยท suspicion 62/100 โœ… ALLOWconsole.log("hello") ยท R00.CLEAN ยท 0/100 ๐Ÿ›‘ BLOCKeval(atob("...")) ยท R07.BASE64_EXEC ยท 88/100 ๐Ÿ”ต REVIEWnpm install unknown-pkg@latest ยท suspicion 55/100 ๐Ÿ›‘ BLOCKchmod 777 /etc/passwd ยท R02.CHMOD_ESC ยท 90/100 โœ… ALLOWgit status ยท R00.CLEAN ยท 0/100
Featured Update
๐Ÿš€ We Are Client 0

TEOS Sovereign Sentinel is built on the same infrastructure it protects. Every command we ship is scanned by our own engine before it executes. We don't sell security we don't use. We are the first customer, the proof of concept, and the living audit trail.

Railway Deployed ยท Activation Service Active ยท Audit Trail Active

Built in Alexandria, Egypt ยท Elmahrosa International ยท teostech.online
RC Program

Be among the
first testers.

Limited access. Real product. Your feedback shapes v4.2.

10+
Target Testers
Goal
100+
Target Scans
Evidence
v4.2
Next Release
Data-Driven
  • Beta registration
  • Telegram bot interface (@teoslinker_bot)
  • Auto detection & smart routing
  • Solana token intelligence
  • Feedback collection system
  • Analytics & metrics dashboard
  • PDF reports & audit trail
  • Continuous improvement loop
teostech.online ยท @teoslinker_bot

Open @teoslinker_bot on Telegram. Try the RC. Get your first scan in 60 seconds. No account. No credit card.


๐ŸŸข Try RC โ†’
Beta Testers
Real Scans. Real Results.
Every tester shapes the next version. Share your scan, your screenshot, or your story โ€” it gets featured here.
๐Ÿ‘ค
Beta Tester #1
CS Graduate ยท Agentic AI Engineer
"I ran about 15 different test scans covering various commands, hardcoded secrets and credentials, destructive shell commands, and a GitHub repository scan. I'm happy to share the detailed results."
15 scans ยท June 13, 2026
BLOCK WARN REVIEW ALLOW All 4 verdicts tested
โ–ถ Explore Replay
+
Your Scan Here
Run a scan. Take a screenshot.
Share it on Telegram.
Get featured.
๐Ÿ”‘ Try the Bot โ†’
๐Ÿ’ฌ Join the Beta Community
Share your scan reports, screenshots, and feedback with other testers on Telegram.
๐Ÿ’ฌ Join RC Chat โ†’
Pricing

Beta pricing now.
Standard pricing at GA.

Every tier is free to use during Release Candidate. Prices below take effect at General Availability โ€” RC testers who register keep a founding-member discount for their first 12 months.

๐ŸŸฃ All 4 tiers below show Beta (now) vs After RC / GA pricing โ€” every tier's price will change at GA.
RC ยท Now
๐ŸŸฆ Free
RC Price
$0
After RC / GA
$0/mo

Always-free tier. Usage caps apply at GA.

  • Beta: all 6 engines, no cap
  • GA: 25 governance actions / month
  • 4 verdicts incl. REVIEW
  • Telegram bot access
  • Community support
Join Release Candidate โ†’
RC ยท Pilot Access
๐ŸŸช Team
RC Price
$0pilot
After RC / GA
$199/mo

For small teams sharing scan credits and review queues.

  • 5,000 governance actions / month
  • Shared team dashboard
  • REVIEW queue assignment
  • CI/CD integration
  • Email + chat support
Request Team Pilot โ†’
๐ŸŸง Enterprise
RC Price
Custompilot
After RC / GA
$25Kโ€“$50K/yr

MENA sovereign / institutional deployments.

  • Dedicated deployment
  • Custom policy engine
  • Air-gap capable
  • Full audit log export
  • SLA + named support
Contact for Pilot โ†’
โš ๏ธ RC pricing notice: Release Candidate is free across every tier so testers can fully exercise the product. All prices shown under "After RC / GA" are current targets and may change before General Availability. Testers who register during Release Candidate keep a discounted founding-member rate on Pro and Team tiers for 12 months after GA. Enterprise pricing is always quoted per deployment.
Claude Partner Network โ€” Registered Member
Elmahrosa International ยท Built in Alexandria, Egypt ยท Sovereign AI Infrastructure