No token taxCloudflare-nativeBYO executor

For wonderfully chaotic AI-native teams

Production crashes
go in. Tiny guarded
tasks come out.

RunGuard sits between your app crashes and the coding agents your team already pays for. We catch the error, apply safety policy, build a review-grade packet, and dispatch — Copilot, Cursor, Claude, or OpenAI. Your keys. Your seats. Our rails.

Connect GitHub See the routing loop

Live · GitHub CopilotLive · Claude Code ActionRoadmap · CursorRoadmap · OpenAI

DISPATCH CONSOLE

incidents today4,912

status

repo · class

executor

age

INC-4912

DISPATCHED

acme/webnull_undefined

github_copilot_issue

INC-4911

READY

acme/apiexternal_dependency

cursor_bg_agent

14s

INC-4910

QUEUED

acme/webtype_format

github_copilot_issue

31s

INC-4909

REVIEW

acme/billingmissing_config

manual

INC-4908

DISPATCHED

acme/apinull_undefined

github_copilot_issue

INC-4907

DISPATCHED

acme/workerconcurrency_timing

github_copilot_issue

↳ live · last dispatch 2s agoauto-route · safety policy v3

Crash packetsGitHub issuesBYO agentsPolicy railsYou own the agentCrash packetsGitHub issuesBYO agentsPolicy railsYou own the agent

RG-00WHAT WE OWN

Four jobs. Done well, then handed off.

RunGuard is deliberately narrow: orchestration, safety, context, tracking. Everything else — including the actual fix — runs on your AI account.

RG-01ORCHESTRATION

Orchestration

From crash signal to executor handoff in one durable pipeline. Queues, retries, dead letters — the boring rails that make the rest possible.

RG-02SAFETY POLICY

Safety policy

Protected paths, ignore patterns, never auto-merge. Apply rules before a single token gets billed to your AI account.

RG-03REVIEW CONTEXT

Review context

Every incident becomes a review-grade Markdown packet — repo, classification, frequency, suspected file, the policy that was applied.

RG-04STATUS TRACKING

Status tracking

One timeline per incident: queued, dispatched, executor run, result — with the executor's external link and hold reason attached.

RG-FLOWHOW IT ROUTESOne incident · six stations

From signal to dispatch in a single durable route.

Every error walks the same line: ingest, classify, apply policy, build the packet, dispatch, track. No skipped stops, no shortcuts.

INCIDENT ROUTE · 6 STATIONScrash → executor

01
Ingest
POST /ingest · SDK or HTTP
02
Classify
Group by signature · classify
03
Safety policy
Protected paths · ignore
04
Crash packet
Markdown context · stored in R2
05
Dispatch
Route to chosen executor
06
Track
Status timeline · audit log

← signal · received via SDK or webhookexecutor · github copilot + claude today · cursor / openai next

RG-03REVIEW CONTEXTWhat the executor actually sees

A stack trace becomes a packet worth reviewing.

Raw stacks are noise. The crash packet is structured Markdown your executor (and your reviewer) can act on — repo, classification, suspected file, the safety policy that was applied.

RAW SIGNAL · IN

received · 19:11:04 UTC

TypeError: Cannot read properties of undefined (reading 'trim')
    at parseJSON (/app/src/utils/parse.js:3:22)
    at handleSubmit (/app/src/routes/checkout.js:48:12)
    at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
    at next (/app/node_modules/express/lib/router/route.js:144:13)
    at /app/src/middleware/auth.js:21:5
    at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
    ...

REVIEW CONTEXT · OUTpacket · 1.2 kb · markdown

RunGuard Incident · null_undefined

Repositoryacme/web · default branch main

Serviceapi · Environment production

Frequency42 in 2h · First seen 2026-04-25 19:11 UTC

Executorgithub_copilot_issue

Task

Investigate this production error and propose a small, reviewable fix.

Prefer a failing regression test first when reproducible.

Open a PR for review — never auto-merge. Leave an investigation note if confidence is low.

Top stack frame

src/utils/parse.js:3 · parseJSON

Safety policy applied

Protected paths respected · src/auth, src/billing untouched

Ignore patterns matched · 0

Dispatched to Copilot · review required before merge

RG-EXEXECUTORSBring your own keys, your own seats

One control plane. Every fixer you already pay for.

GitHub Copilot and Claude Code Action ship today. Cursor, OpenAI, Cloudflare AI, and GitHub Actions are next. The shape stays the same: you own the model and the bill — RunGuard owns the rails.

AVAILABLE

EX-01

GitHub Copilot

We file a labeled Issue with the crash packet. Copilot picks it up.

AVAILABLE

EX-02

Claude Code Action

We file an issue prefixed with @claude. Your claude-code-action workflow fires with your key.

ROADMAP

EX-03

Cursor Background Agent

Hand off the packet to a Cursor agent run, tracked back to the incident.

ROADMAP

EX-04

OpenAI (direct)

Same shape. Your key, your model, your spend, our orchestration.

ROADMAP

EX-05

Cloudflare AI

Run the fix attempt on your Cloudflare account, billed to your gateway.

ROADMAP

EX-06

GitHub Actions

Trigger a workflow_dispatch with the packet — fix in your own runner.

RG-SAFETRUST & SAFETY

Boring guarantees. Written in policy, not marketing.

POLICY

Protected paths

Auth, billing, migrations — declared off-limits in Settings. Policy is checked before dispatch, not after.

REVIEW

Never auto-merge

We hand the executor a crash packet on a labeled Issue. Any PR the executor proposes is yours to review — merging is always a human action.

KEYS

Your keys, your account

Executor credentials live in your accounts, not ours. RunGuard never proxies your AI tokens.

TRACE

Status timeline on every incident

Every route carries its state, hold reason, executor run, and external link — from queued through merged PR.

RG-FAQQUESTIONS WORTH ASKING

Plain answers. No hand-waving.

No. RunGuard is the control plane — we ingest, classify, apply policy, and route. You bring your own GitHub Copilot seat, Cursor account, Claude key, OpenAI key, or Cloudflare AI gateway. Your compute, your model, your spend.

DispatchShip itRG-CTA · DISPATCH

Bring your own AI.
We bring the rails.

Connect a repo, install the SDK, and route your first incident in under fifteen minutes.

Connect GitHub Read the docs

Production crashesgo in. Tiny guardedtasks come out.

Four jobs. Done well, then handed off.

Orchestration

Safety policy

Review context

Status tracking

From signal to dispatch in a single durable route.

A stack trace becomes a packet worth reviewing.

RunGuard Incident · null_undefined

One control plane. Every fixer you already pay for.

GitHub Copilot

Claude Code Action

Cursor Background Agent

OpenAI (direct)

Cloudflare AI

GitHub Actions

Boring guarantees. Written in policy, not marketing.

Protected paths

Never auto-merge

Your keys, your account

Status timeline on every incident

Plain answers. No hand-waving.

Bring your own AI.We bring the rails.

Production crashes
go in. Tiny guarded
tasks come out.

Bring your own AI.
We bring the rails.