Most issues come down to one of a handful of causes. Start with pgshadow status, then work down this list.

Traffic isn’t being intercepted

If prompts pass through with no verdicts showing up, the agent isn’t seeing the traffic. Check, in order:
1. Confirm the agent is running and healthy

pgshadow status

This reports whether the proxy is up, the certificate is trusted, and the engine is reachable. pgshadow doctor runs the same checks with more detail.

2. Confirm the proxy is applied to the right network service

The PAC proxy must be set on the network service you’re actually using (Wi-Fi vs. Ethernet vs. VPN). Switching networks can leave a service without the proxy. Re-run the agent’s start flow, or check System Settings → Network → Proxies.

3. Confirm the CA is trusted

If TLS interception fails, the browser or app will error or fall back. Make sure the PromptGuard CA is present and trusted in the keychain.
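
For step 2, the following added example (not part of pgshadow or the PromptGuard documentation) lists each active network service with its PAC proxy state, so a service left without the proxy after a network switch stands out. It assumes macOS, as the System Settings and keychain references suggest, and uses the stock networksetup tool; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not part of pgshadow): show which active macOS network
# services have a PAC proxy enabled, using the stock `networksetup` tool.

# Filter `networksetup -listallnetworkservices` output (stdin): drop the
# explanatory header, blank lines, and services disabled with a leading "*".
active_services() {
    awk 'NF && !/^An asterisk/ && !/^\*/'
}

# Reduce `networksetup -getautoproxyurl <service>` output (stdin) to
# "on <url>" when a PAC URL is set and enabled, otherwise "off".
pac_state() {
    awk -F': ' '
        $1 == "URL"     { url = $2 }
        $1 == "Enabled" { enabled = $2 }
        END {
            if (enabled == "Yes" && url != "" && url != "(null)")
                print "on " url
            else
                print "off"
        }'
}

# Print one line per active service; return 1 if any has no PAC proxy.
check_services() {
    rc=0
    services=$(networksetup -listallnetworkservices | active_services)
    while IFS= read -r svc; do
        [ -n "$svc" ] || continue
        state=$(networksetup -getautoproxyurl "$svc" </dev/null | pac_state)
        printf '%-24s %s\n' "$svc" "$state"
        if [ "$state" = "off" ]; then rc=1; fi
    done <<EOF
$services
EOF
    return "$rc"
}

# Run only where networksetup exists (macOS).
if command -v networksetup >/dev/null 2>&1; then
    check_services || echo "WARNING: an active service has no PAC proxy set" >&2
fi
```

A service reported as "off" that carries your current connection is the one to fix, either by re-running the agent’s start flow or in System Settings → Network → Proxies.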

Gemini / Chrome traffic slips past

Chrome and some Google properties (including Gemini) prefer QUIC / HTTP-3, which runs over UDP and can route around the HTTP proxy entirely — so that traffic is never inspected.

Fix: disable QUIC via browser policy. In a managed fleet, push a policy that turns off the experimental QUIC protocol (for Chrome, the QuicAllowed=false enterprise policy). With QUIC off, the browser falls back to HTTPS over the proxy and inspection resumes.

A specific app is never inspected

Some native desktop apps pin their own certificate and reject the agent’s CA outright. These bypass any inspection proxy and are out of scope by design — this is not a misconfiguration. See Known Limitations for the full list and the coverage policy.

The engine is unreachable

The agent calls a remote /guard engine for each verdict. If it can’t reach the engine, it waits up to 8 seconds, then fails open — the request is allowed through rather than blocking the employee’s work.
  • A short spike of allowed-without-verdict events during a network blip is expected, not a bug.
  • If it’s persistent, check connectivity to the engine (pgshadow status / pgshadow doctor) and, for self-hosted deployments, that the engine instance is healthy. See Deployment Modes.
Fail-open is the shipping behavior: availability of AI tools is preserved during an outage. If your environment requires fail-closed, contact support@promptguard.co to discuss options.

Collecting logs for support

When you open a ticket, include the output of:
pgshadow status
pgshadow doctor
These report proxy, certificate, and engine health without exposing prompt content — the local event log is PII-redacted. Send the output to support@promptguard.co.

Next steps

Known limitations

What’s out of scope and why.

Privacy & data handling

What the agent logs and what reaches the cloud.