🦞 Works great with OpenClaw & Claude Cowork

Your AI does the work.
You stay in control.

Give your AI agent superpowers so it can get real work done β€” with custom approval rules to stop it going off the rails.

Get Early AccessSee how it works

Testimonials

Sarah K.

Sarah K.

Freelance Consultant

β˜…β˜…β˜…β˜…β˜…

β€œYes of course, happy to write a review! So I wanted Claude Cowork to handle my customer support emails but was terrified it'd send something wrong. Now I'm using AgentBlocks I can approve everything from WhatsApp first. Total game-changer for anyone like me who was a bit too scared to just connect their inbox to Claude.”

MT

Marcus T.

Startup Founder

β˜…β˜…β˜…β˜…β˜…

β€œWe let Claude manage our GitHub PRs through AgentBlocks. The scoped tokens get revoked after each action β€” my CTO finally stopped worrying about giving an AI code access. We've shipped faster every week since we set it up.”

Priya D.

Priya D.

Operations Manager

β˜…β˜…β˜…β˜…β˜…

β€œI set a rule: don't email clients without my approval. That's it. Plain English, no code. Now my AI handles drafts and I just tap approve from my phone between meetings.”

JR

James R.

Real Estate Agent

β˜…β˜…β˜…β˜…β˜…

β€œMy AI triages my Gmail every morning and drafts replies. I review them in 2 minutes over coffee. AgentBlocks made me comfortable actually letting it touch my real inbox.”

OH

Olivia H.

Marketing Director

β˜…β˜…β˜…β˜…β˜…

β€œThe approval flow is brilliant. My AI schedules social posts and sends outreach emails, but nothing goes live until I say so. One tap on Slack and it's done. I've got full visibility in the audit trail too.”

Sarah K.

Sarah K.

Freelance Consultant

β˜…β˜…β˜…β˜…β˜…

β€œYes of course, happy to write a review! So I wanted Claude Cowork to handle my customer support emails but was terrified it'd send something wrong. Now I'm using AgentBlocks I can approve everything from WhatsApp first. Total game-changer for anyone like me who was a bit too scared to just connect their inbox to Claude.”

MT

Marcus T.

Startup Founder

β˜…β˜…β˜…β˜…β˜…

β€œWe let Claude manage our GitHub PRs through AgentBlocks. The scoped tokens get revoked after each action β€” my CTO finally stopped worrying about giving an AI code access. We've shipped faster every week since we set it up.”

Priya D.

Priya D.

Operations Manager

β˜…β˜…β˜…β˜…β˜…

β€œI set a rule: don't email clients without my approval. That's it. Plain English, no code. Now my AI handles drafts and I just tap approve from my phone between meetings.”

JR

James R.

Real Estate Agent

β˜…β˜…β˜…β˜…β˜…

β€œMy AI triages my Gmail every morning and drafts replies. I review them in 2 minutes over coffee. AgentBlocks made me comfortable actually letting it touch my real inbox.”

OH

Olivia H.

Marketing Director

β˜…β˜…β˜…β˜…β˜…

β€œThe approval flow is brilliant. My AI schedules social posts and sends outreach emails, but nothing goes live until I say so. One tap on Slack and it's done. I've got full visibility in the audit trail too.”

Daniel M.

Daniel M.

Freelance Developer

β˜…β˜…β˜…β˜…β˜…

β€œI was nervous about AI pushing code to my repos. AgentBlocks gives it short-lived GitHub tokens that expire after each action. Safe enough that I actually use it daily now.”

RS

Rachel S.

Executive Assistant

β˜…β˜…β˜…β˜…β˜…

β€œI manage three executives' calendars and inboxes. AgentBlocks lets my AI do the grunt work while I keep final say on anything sensitive. It's like having my own assistant.”

Tom W.

Tom W.

Small Business Owner

β˜…β˜…β˜…β˜…β˜…

β€œSetup took five minutes β€” no coding, just pasted one line into Claude. Now it handles my invoicing emails and I approve from WhatsApp while I'm on the shop floor.”

NL

Nina L.

Product Manager

β˜…β˜…β˜…β˜…β˜…

β€œI blocked my AI from messaging our CEO's Slack channel without approval. Everything else it handles freely. That one rule gave me the confidence to automate pretty much everything else on our team.”

Alex F.

Alex F.

Agency Owner

β˜…β˜…β˜…β˜…β˜…

β€œHey I'm Alex from London. My team was spending hours on email follow-ups. Now Claude does it through AgentBlocks with really sensible rules - basically we set keywords as the block filter so no emails can automatically go out related to pricing or new contracts. We approve these important ones, the rest flow automatically.”

Daniel M.

Daniel M.

Freelance Developer

β˜…β˜…β˜…β˜…β˜…

β€œI was nervous about AI pushing code to my repos. AgentBlocks gives it short-lived GitHub tokens that expire after each action. Safe enough that I actually use it daily now.”

RS

Rachel S.

Executive Assistant

β˜…β˜…β˜…β˜…β˜…

β€œI manage three executives' calendars and inboxes. AgentBlocks lets my AI do the grunt work while I keep final say on anything sensitive. It's like having my own assistant.”

Tom W.

Tom W.

Small Business Owner

β˜…β˜…β˜…β˜…β˜…

β€œSetup took five minutes β€” no coding, just pasted one line into Claude. Now it handles my invoicing emails and I approve from WhatsApp while I'm on the shop floor.”

NL

Nina L.

Product Manager

β˜…β˜…β˜…β˜…β˜…

β€œI blocked my AI from messaging our CEO's Slack channel without approval. Everything else it handles freely. That one rule gave me the confidence to automate pretty much everything else on our team.”

Alex F.

Alex F.

Agency Owner

β˜…β˜…β˜…β˜…β˜…

β€œHey I'm Alex from London. My team was spending hours on email follow-ups. Now Claude does it through AgentBlocks with really sensible rules - basically we set keywords as the block filter so no emails can automatically go out related to pricing or new contracts. We approve these important ones, the rest flow automatically.”

Finally a safe way to use

Claude Cowork

You've seen what AI agents can do now. You've watched the demos. You know this could save you hours every week.

But then you think about actually connecting it to your real tools β€” your actual inbox, your live Slack channels, your Google Drive full of client files β€” and your stomach does a little flip.

Because β€œautonomous AI” and β€œaccess to everything” is either a dream or a nightmare, depending on whether something goes wrong.

That's the whole point of AgentBlocks.

We sit between your AI agent and your tools, so you can finally let it off the leash without losing sleep.

You set the rules

Decide exactly what your agent is allowed to do on autopilot β€” and where it needs to stop and ask you first via WhatsApp, Slack, or email.

Every action is logged

Every single action is logged. Every decision is traceable. Nothing happens in the dark.

A security camera for your AI

Check in whenever you want and see exactly what your agent's been up to β€” like a security camera for your AI workforce.

All the power. None of the β€œoh god what did it just send.”

Why this exists

This is what happens with unsafe tools

Agents are powerful. Unguarded agents are a liability.

RF

Robin Faraj

@robin_faraj

β€œOpenClaw is hyped everywhere β€” but nobody's talking about the security issues. Everyone's installing it because it looks cool… but it will need access to your entire computer, your emails, your calendar, your files, your API keys β€” with zero security guardrails.”

x.comΒ·9.5K views
AP

Avi Press

@avi_press

β€œI've had @openclaw going for less than 24 hours, so far it has: cleaned up our Linear issues, wrote several decent email follow-ups, opened 3 PRs, sent thousands of messages in a loop to an innocent and unsuspecting person who happened to message me on WhatsApp.”

x.comΒ·12.1K views
SY

Summer Yue

@summeryue0

β€œNothing humbles you like telling your OpenClaw β€œconfirm before acting” and watching it speedrun deleting your inbox. I couldn't stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb.”

x.comΒ·Safety & alignment at Meta
P

Pete, founder of AgentBlocks

β€œβ€œThat test lunch message has been firing repeatedly for 2 days straight. Let me kill it immediately βœ¨β€

β€œwhat the fuck””

reacting to his agent
C

Claude

β€œYou're absolutely right. I had no business touching that. I saw test failures from the worktree and just deleted it instead of investigating properly or asking you. That was reckless.”

AI coding assistant

We built AgentBlocks because this happened to us. Now it doesn't.

Get Early Access

How it works

Your rules. Your agent's hands.

Step 1

Paste one block into your agent's prompt

Add the AgentBlocks instructions to your agent's system prompt or context. Your agent reads them and discovers what it can do. You never write integration code or call an endpoint yourself.

Step 2

Your agent requests an action

When your agent wants to send an email or push a commit, it calls the AgentBlocks API. The request enters a pending state. Nothing has happened in the real world yet.

Step 3

Your rules decide

Auto-approve rules fire instantly for actions matching your criteria. Everything else gets routed to you for a one-tap approve or reject β€” via Slack, email, or WhatsApp.

Step 4

Action executes safely

Approved emails get delivered. Approved git actions issue a short-lived, scoped token β€” nothing more than what's needed, nothing that lingers. Full audit trail on every action.

Approve from anywhere

One-tap approval, wherever you already work.

No new dashboards to babysit. Approve or reject from Slack, email, or WhatsApp.

Slack
AB

AgentBlocks

Tankred wants to email sarah@acme.com

Email
AB

AgentBlocks

Tankred wants to push to main on api-repo

WhatsApp
AB

AgentBlocks

Tankred wants to email new-lead@co.io

Or set auto-approve rules

βœ…Auto-approve internal follow-ups
Auto
βœ…Auto-approve docs branch commits
Auto
πŸ”’Require review: first contact with new recipients
Review
πŸ”’Require review: pushes to main
Review

Super-powers

Real capabilities. Real guardrails.

Each super-power gives your agent a new way to act in the real world β€” with every action flowing through your approval rules before anything happens.

Email (@agentmx.io)

Your agent gets its own email address. It sends messages to real people and receives replies β€” with every outbound message requiring approval or matching your auto-approve rules. No surprise sends. No loops.

Gmail

Connect your real Gmail account. Your agent can read, triage, draft, and reply β€” as you, from your real address. Every action flows through your rules before anything leaves your inbox.

GitHub

Your agent can push commits, open PRs, and manage branches. Approved actions issue a short-lived token scoped to exactly what's needed β€” nothing more, nothing lingering.

Google Drive

Your agent reads, creates, and organises files in your Drive. Access is strictly scoped β€” every write flows through your approval rules.

Slack

Your agent reads channels, searches conversations, and sends messages. Every outbound message requires your sign-off before it's posted.

More coming

Every new integration follows the same pattern: request β†’ rules β†’ scoped action. Same safety model, new capabilities.

The control model

One safety model for every action
your agent takes.

Every super-power follows the same pattern: your agent requests, your rules decide, the action happens safely. As we add integrations, your control model stays the same.

πŸ”Human-in-the-loop
πŸ“‹Deterministic rules
βœ…Auto-approve
πŸ”‘Short-lived credentials
🚦Rate limits
πŸ“Full audit trail
πŸ“ŠDashboard

Give your agent safe
superpowers today.

One paste. One API key. Your agent handles the rest.

Get Early Access

🦞 Works great with OpenClaw, Claude Cowork and Claude Code