GitHub Repository

Capability-based sandbox runtime for AI agent skills

3 stars · Rust

SkillSandbox – Capability-based sandbox for AI agent skills (Rust)

by ClaytheMachine·Feb 15, 2026·1 point·0 comments

AI Analysis

●●● Banger · Solve My Problem · Dark Horse · Wizardry

Seccomp+iptables+mount isolation blocks the ClawdHub credential stealer in practice.

Strengths
  • Threat model grounded in real incident (malicious weather skill harvesting AWS keys).
  • iptables default-deny + seccomp-bpf enforcement is OS-native, not easily bypassed.
  • Companion AgentTrace tool addresses second-order failure (right perms, wrong behavior).
Weaknesses
  • Rust/Linux stack limits adoption; no MCP server integration actually shown working.
  • Adoption depends on marketplace ecosystem standardizing YAML manifests — chicken-and-egg.
Category
Target Audience

AI agent framework developers, enterprise autonomous workflows, security-conscious teams running third-party skills.

Similar To

Landlock LSM · Firejail · SELinux contexts

Post Description

Built this after finding a credential stealer on an AI skills marketplace. The malicious skill looked like a normal weather lookup but was exfiltrating ~/.ssh, AWS creds, and browser cookies. My agent ran it without hesitation.

SkillSandbox is the fix: skills declare permissions in YAML (network egress, filesystem paths, env vars), the runtime enforces via iptables default-deny, seccomp-bpf, and mount isolation. MCP server integration for Claude Code.

Also built a companion project, AgentTrace (https://github.com/theMachineClay/agenttrace), for the other failure mode: when an agent has the right permissions but does the wrong thing repeatedly. Session-aware policy engine with cumulative cost tracking, violation counting, and kill-switch.

Together: SkillSandbox constrains what agents can reach. AgentTrace enforces what agents should do.

Happy to answer questions about the architecture or threat model.

Similar Projects

Security · ●● Solid

Agent Armor, a Rust runtime that enforces policies on AI agent actions

Eight-layer governance pipeline for agents when LangChain just executes blindly.

Big Brain · Ship It
edoardobambini-
421mo ago
Security · ●● Solid

Agent Armor, a Rust runtime for enforcing policies on AI agent actions

Zero-trust governance for AI agents before they execute shell, file, or database actions with full audit trails.

Bold Bet · Ship It
edoardobambini-
751mo ago
Security · ●●● Banger

MVAR – Deterministic sink enforcement for AI agent

IFC + capabilities block prompt injection at execution sinks, not input filters—40yr research applied.

Big Brain · Wizardry
ShawnC21
113mo ago