Visibility. Security.
Governance. Recovery.

The full lifecycle for AI agent configurations — from discovery through compliance.

Visibility

Know what every agent is doing

Agent Inventory

Automatically discovers and catalogs every AI tool on your machine — Claude Code, Cursor, Windsurf, Gemini CLI, Codex, Amp, Aider, Continue, and GitHub Copilot.

MCP Server Map

See every MCP server your agents connect to, across all tools and devices. Know exactly what external access your AI tools have.

Multi-Device Overview

Register multiple machines under one account. See which devices have which agents, when they last backed up, and what changed.

Usage Insights

Spot stale files, duplicate content, bloated configs, and unused skills. Understand how your AI setup evolves between saves.

Change Tracking

View what changed since any date. See recent modifications per agent, directory, or file with full diff history.

Security

Threats caught before they're stored

Every backup is scanned for API keys, tokens, prompt injection, and malware patterns. Flagged files never reach the cloud. HMAC-SHA256 signatures ensure end-to-end integrity.

Secret Detection

Scans for API keys, tokens, and credentials before saving anything. Files with sensitive data are flagged before they reach the cloud.

Prompt Injection Detection

Identifies potential prompt injection attempts embedded in your AI agent files — catches threats that other tools miss.

Malware Pattern Scanning

Checks your AI agent files for known malware patterns, suspicious content, and malicious instructions before saving them.

HMAC Integrity Verification

Every file is signed with HMAC-SHA256. Nightly verification downloads random samples and checks hashes. Webhook deliveries include signatures for end-to-end integrity.

Encryption at Rest

All files are encrypted server-side in S3. Per-user isolation ensures your data is private. SSE-KMS encryption available for organizations.

Governance

Policies that enforce themselves

Policy Enforcement

Set organization-wide policies: backup frequency, required paths, blocked file extensions, encryption modes, and more. Preamp enforces them automatically.

Compliance Dashboard

Real-time view of in-policy vs. out-of-policy members. See compliance percentages for board reporting and audit preparation.

Immutable Audit Trail

Every operation is logged: backups, restores, device changes, policy updates, admin actions. 90+ days retained with tamper-proof integrity.

Team Templates

Publish standard agent setups as org templates. Mark templates to auto-apply when new members join — everyone starts with approved tools and configs.

Role-Based Access Control

Assign roles: org-admin, unit-admin, auditor, or member. Hierarchical org structure with departments, teams, and delegated management.

Scheduled Compliance Checks

Daily automated checks at 06:00 UTC. Members who fall out of compliance are flagged automatically with escalation workflows.

Recovery

Roll back to any point in time

Automatic Backups

Backups run every hour via cron. Only changed files are uploaded — incremental, deduplicated, and encrypted. Configurable from every 5 minutes to daily.

Snapshot History

Every backup creates a snapshot with a complete file manifest. Browse your history with timestamps, file counts, and named tags.

Point-in-Time Restore

Restore your entire setup to any previous snapshot. A pre-restore backup is always created — you can never lose your current state.

Selective Restore

Restore just one agent, directory, or file. Filter by path to get exactly what you need without touching anything else.

Cross-Machine Sync

New machine? One command pulls your full AI setup. Project memory directories encode absolute paths — Preamp detects your projects by git remote and remaps paths automatically.

Named Tags

Tag important snapshots like "before-refactor" or "stable-v2" for quick identification. Tagged snapshots are protected from cleanup.

CLI

Command-line interface

preamp cli 
preamp status                  # Backup status and health overview
preamp backup                  # Run an immediate backup
preamp snapshots               # List all snapshots with timestamps
preamp restore-init <id>       # Restore from a snapshot
preamp changes 2025-01-01      # View changes since a date
preamp tag "before-refactor"   # Tag the current snapshot
preamp devices                 # List all registered devices
preamp health                  # Check agent config health
preamp model-scan              # Recommend best model per agent
preamp share "my-setup"        # Create a shareable setup link

See what your agents are doing

Get Started