GitHub Repository

Agent Interaction Firewall for AI tool calls. Runtime security for MCP and function-calling with <5ms P99, 20+ threat detection layers, formal verification.

9 stars · Rust

VellaVeto – Fail-closed runtime proxy for MCP tool calls, in Rust

by paolovella·Mar 3, 2026·1 point·1 comment

AI Analysis

●●● Banger · Wizardry · Big Brain · Ship It

Formal verification + 20 threat layers for AI agent security at sub-5ms latency.

Strengths
  • Formal verification of 132 properties across 5 tools signals genuine rigor, not buzzword coverage.
  • Fail-closed proxy architecture means zero trust by default—agents can't exfiltrate or exploit unless explicitly permitted.
  • Wire-protocol interception at MCP level means zero code changes to existing Claude/LLM deployments.
Weaknesses
  • MPL/Apache/BUSL triple-license is complex for enterprises; adoption friction vs. simpler single license.
  • Marketing leans on metric inflation (232 audit rounds, 9950 tests) that doesn't distinguish it from competitors like Confident AI or Hugging Face TrustyAI.
Category
Target Audience

AI/ML engineers, enterprise DevSecOps teams, agentic AI developers

Similar To

Confident AI · Hugging Face TrustyAI · Guardrails AI
