NRG Sentinel

NRG Sentinel is a zero-dependency security layer that runs inside the same Node.js process as Node-RED. It detects and blocks over 34 known attack vectors at runtime — including monkey patching, credential theft, prototype pollution, wire manipulation, and network exfiltration — without touching the Node-RED core.

Quickstart

Get Sentinel running in your Node-RED instance in under 5 minutes

Installation

Local install, Docker, or npm — choose your deployment path

Capability Reference

Every capability string, what it gates, and how to grant it

Defense Architecture

How the five-layer defense model works under the hood

Why NRG Sentinel?

Node-RED is a powerful flow-based programming tool, but its plugin system gives third-party packages unrestricted access to the runtime. A single malicious or compromised package can:
  • Read or overwrite credentials and settings
  • Rewire flows to exfiltrate data
  • Spawn OS processes or open raw network sockets
  • Replace built-in node types with malicious implementations
  • Tamper with the flow files on disk
NRG Sentinel closes these attack surfaces using a layered capability model — every privileged operation is gated and logged, and packages must be explicitly granted the capabilities they need.

What Sentinel blocks

#    Attack                       What it does
01   Monkey Patching              Overwrites Node-RED core functions at runtime
02   Hook Injection               Registers malicious onSend/onReceive hooks
03   Credential Theft             Reads decrypted credentials from live node instances
04   Wire Manipulation            Rewires flow connections to exfiltrate data
05   Direct Receive Injection     Bypasses auth chain via node.receive()
06   Express Middleware           Installs rogue HTTP middleware on the admin API
07   EventEmitter Hijack          Intercepts internal Node-RED events
09   Prototype Pollution          Pollutes Object.prototype to affect all objects
20   Child Process Exec           Spawns shell commands from a message handler
22   FS Read                      Reads settings.js to extract the credential secret
23   Process Env Exfiltration     Harvests injected secrets and API keys
25   VM Sandbox Escape            Runs code outside Sentinel’s Module._load hooks
27   Network Socket Exfiltration  Creates a raw TCP socket to bypass the HTTP allowlist
See all 34 demos →

Defense layers

Layer 0 — Prototype hardening     Object.preventExtensions on all built-in prototypes
Layer 1 — Module interception     Module._load hook wraps fs, http, child_process, vm, worker_threads
Layer 2 — Node isolation          ES6 Proxy on every getNode() return value
Layer 3 — Surface hardening       Guarded Express routing, process.env Proxy, router-stack Proxy
Layer 4 — Network policy          Outbound HTTP/HTTPS/socket allowlist
All built-in methods used by guard logic are pinned before any require() runs, so a package that overwrites String.prototype.includes cannot blind the stack-frame checks.
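The following is an added illustration of the Layer 2 idea (a Proxy around every node handed to a third-party package) together with the threat log described further down. It is example code written for this page, not NRG Sentinel's own implementation: the exact set of trapped properties, the `guardNode` signature and the sample node are assumptions; the capability string `node:credentials:read` is the one the page uses.

```javascript
// Illustrative Layer 2 guard: wrap a node in a Proxy so a third-party package can use it
// but cannot read its credentials without a grant, cannot rewire it and cannot replace
// its methods. Every refusal is recorded with a full call stack, like a threat log.
// Example code, not NRG Sentinel's code; the trapped property set is an assumption.
const threatLog = [];

function blocked(pkg, what) {
  const err = new Error(`Sentinel: ${pkg} blocked: ${what}`);
  threatLog.push({ pkg, what, stack: err.stack }); // stack tells the operator which code path to tune
  return err;
}

// Properties a package must never reassign, redefine or delete on a node it did not create
// (covers wire manipulation, monkey patching of send/receive and hook injection on the emitter).
const FROZEN_PROPS = new Set(["wires", "send", "receive", "on", "emit", "credentials"]);

function guardNode(node, pkg, grants) {
  const canReadCreds = grants.includes("node:credentials:read");
  return new Proxy(node, {
    get(target, prop, receiver) {
      if (prop === "credentials" && !canReadCreds) {
        throw blocked(pkg, `read credentials of ${target.id}`);
      }
      const value = Reflect.get(target, prop, receiver);
      // Bind methods to the real node so `this` inside send()/receive() is the node, not the Proxy.
      return typeof value === "function" ? value.bind(target) : value;
    },
    set(target, prop, value) {
      if (FROZEN_PROPS.has(prop)) throw blocked(pkg, `overwrite ${String(prop)} on ${target.id}`);
      return Reflect.set(target, prop, value);
    },
    defineProperty(target, prop, desc) {
      if (FROZEN_PROPS.has(prop)) throw blocked(pkg, `redefine ${String(prop)} on ${target.id}`);
      return Reflect.defineProperty(target, prop, desc);
    },
    deleteProperty(target, prop) {
      if (FROZEN_PROPS.has(prop)) throw blocked(pkg, `delete ${String(prop)} on ${target.id}`);
      return Reflect.deleteProperty(target, prop);
    },
  });
}

// Constructed sample node standing in for what RED.nodes.getNode() would return.
const sampleNode = {
  id: "n1",
  type: "mqtt out",
  wires: [["n2"]],
  credentials: { password: "constructed-secret" },
  send(msg) { this.lastSent = msg; return msg; },
};

// Usage: a package with only registry:register gets a guarded view of the node.
const guardedView = guardNode(sampleNode, "my-custom-node", ["registry:register"]);
```

Ordinary use of the node (calling `send`, reading `id` or `type`) passes straight through to the real object; only the privileged reads and the structural writes are refused and logged.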

How capability grants work

By default Sentinel blocks every privileged operation for every third-party package. Grants live in settings.js:
settings.js
module.exports = {
    sentinel: {
        allow: {
            // Every node package needs registry:register to call RED.nodes.registerType()
            "my-custom-node": ["registry:register"],

            // Grant additional capabilities as needed
            "node-red-contrib-influxdb": ["registry:register", "node:credentials:read"],
            "node-red-contrib-exec":     ["registry:register", "process:exec"],
            "node-red-contrib-file-in":  ["registry:register", "fs:read"],
        },
    },
};
Node-RED’s own built-in nodes (inject, debug, function, etc.) live outside the userDir and are never gated by Sentinel. You only need to add grants for third-party packages installed into your userDir.

Key features

Zero dependencies

No npm dependencies. Everything runs from a single preload file injected before Node-RED starts.

Offline license verification

Ed25519 signature verification — no phone-home, no internet required. Works in air-gapped environments.

Safe deployment review

Visual flow diff UI intercepts deployments and queues them for operator review before they go live.

Threat log

Every blocked operation is logged with the full call stack so you can diagnose and tune grants.

Sidebar panel

Node-RED editor panel for managing grants and viewing blocked threats — no terminal needed.

Docker hardened image

Pre-built image with read-only filesystem layout, non-root user, and absolute entrypoint.

14-day free trial

No license key required to evaluate Sentinel. All features are fully available during the 14-day trial. After the trial expires, Sentinel continues blocking threats — only certain management features require a license. Learn about licensing →
