GitHub Repository

runtime-guard

14 stars · Python

AI-runtime-guard – Policy enforcement layer for MCP AI agents

by JimmyRacheta · Feb 25, 2026 · 2 points · 2 comments

AI Analysis

●●● Banger · Solve My Problem · Zero to One

Policy enforcement layer stops AI agents from deleting files or leaking credentials—no prompt retraining needed.

Strengths
  • Solves real, urgent problem: AI agents with shell access currently have no execution guardrails between agent decision and system impact
  • MCP-agnostic design integrates with any stdio-compatible client without modifying agent or workflow
  • Practical features (auto-backup, blast-radius simulation, audit trail, approval GUI) ship together as a product, not just blocks
Weaknesses
  • Early access stage with unclear production stability; web GUI and advanced policy tiers incomplete per author description
  • Relies on policy file maintenance; permissive defaults mean user must actively configure to get real protection
Category
Target Audience

Developers running AI agents (Claude Desktop, Cursor) with system access, security-conscious teams

Similar To

Anthropic's Secure Boot · Zephyr AI execution sandbox

Post Description

I built this after realizing that AI agents with filesystem and shell access can delete files, leak credentials, or execute destructive commands — and there's no enforcement layer stopping them at the execution level.

ai-runtime-guard is an MCP server that sits between your AI agent and your system. It enforces a policy layer before any file or shell action takes effect. No retraining, no prompt engineering, no changes to your agent or workflow.

Your agent can say anything. It can only do what policy allows.

What it does:
  • Blocks dangerous commands (rm -rf, dd, shutdown, privilege escalation) before execution
  • Gates risky commands behind human approval via a web GUI
  • Simulates blast radius for wildcard operations before they run
  • Creates automatic backups before destructive actions
  • Full audit trail of everything the agent does

Works with Claude Desktop, Cursor, Codex, and any stdio MCP-compatible client. Default profile is basic protection out of the box — advanced tiers are opt-in.

Validated on macOS Apple Silicon. Linux expected to work, formal validation coming in v1.1.

Would love feedback from anyone running AI agents with filesystem access.

Similar Projects

Security ●● Solid

Agent Armor, a Rust runtime for enforcing policies on AI agent actions

Zero-trust governance for AI agents before they execute shell, file, or database actions with full audit trails.

Bold Bet · Ship It
edoardobambini · 75 · 1mo ago
Security ●● Solid

Agent Armor, a Rust runtime that enforces policies on AI agent actions

Eight-layer governance pipeline for agents when LangChain just executes blindly.

Big Brain · Ship It
edoardobambini · 42 · 1mo ago