Firefish docs

Firefish documentation

Concise docs for evaluating a local-first LLM security gateway and agent control plane.

Evaluate Firefish

Firefish protects the boundary where prompts, retrieved content, outputs, streaming responses, and proposed agent actions become trusted application behavior.

Start locally

Run the gateway, scan one prompt, validate one tool call, and open the operator dashboard.

Read Quickstart

Review the proof

Inspect benchmark methodology, source-aware coverage, and the public proof center.

Read Benchmarking

Doc map

  • Quickstart - first scans, tool validation, and protected chat.
  • Architecture - scanner, policy, runtime, tools, audit, and dashboard.
  • Threat Model - in-scope risks and explicit non-goals.
  • Benchmarking - recall, precision, FPR, latency, and source-aware evaluation.
  • Tool Governance - action classes, approvals, destination risk, and goal alignment.
  • Deployment Modes - local dev, Docker, private deployments, env vars, and production checks.
  • Python SDK - client calls, FastAPI guard, and tool-call validation.

Public and protected surfaces

Marketing and documentation pages are public. The operator dashboard remains under /app/ and keeps the existing dashboard authentication behavior.