HN Showcase
Back to browse
Capframe – capability tokens for AI agent tool calls

Capframe – capability tokens for AI agent tool calls

by euan21·May 19, 2026·1 point·2 comments
Visit ProjectView on HN

AI Analysis

●●●BangerBig BrainSolve My ProblemShip It

Macaroon-style tokens for AI agents solve the excessive agency problem better than prompt engineering.

Strengths
  • Deterministic policy evaluator runs in single-digit microseconds with zero LLM involvement.
  • Mints attenuable, revocable capability tokens with signed denial receipts for audit trails.
  • Auto-generates compliance artifacts mapped to OWASP LLM Top 10 and NIST AI RMF.
Weaknesses
  • Security tooling relies heavily on adoption to create a meaningful threat model.
  • Complexity of managing token lifecycles might deter rapid prototyping workflows.
Category
Security
Target Audience

AI engineers and security teams building autonomous agents

Similar To

Open Policy Agent · HashiCorp Boundary · Macaroons.io

Similar Projects

Developer Tools●●Solid

ClawProxy: An HTTP proxy that injects auth tokens into API calls

It replaces real API keys with short proxy tokens (e.g. PROXY:openai) and uses an X-Upstream-Host allowlist to ensure containers can only hit approved endpoints — neat and low-friction. Comes as a tiny Rust CLI with init/secret set/start commands and clear SDK examples, so you can bolt it onto OpenClaw or Docker agents without adopting a full secrets vault.

Niche GemBig Brain
LordHumungous
203mo ago
Security●●Solid

Runtime security for AI agents(injection,tool abuse, data exfiltration)

OPA-based policy engine for AI agents blocking injection and tool abuse.

Solve My Problem
dshapi
121mo ago