Attestor: open-source zero-trust boundary for autonomous AI agents
Attestor is an open-source execution boundary that enforces zero-trust security for autonomous AI agents. It uses LLMs to define and enforce policies that restrict agent actions, preventing unauthorized access or data leaks. This solves the problem of safely deploying autonomous agents in production environments.
Visit project ↗Entities
Related
Runeward: Sandbox AI agents with policy gates
Runeward is a sandboxing tool for AI agents that enforces policy gates to restrict agent actions. It uses LLMs to interpret and enforce user-defined policies, solving the problem of unsafe or unintended agent behavior for developers building autonomous AI systems.
Cinchor: accountability layer for AI agents with bound-before and prove-after
Cinchor is a primitive that enforces policy on AI agents before they act and provides cryptographic proof of actions afterward. It allows teams to give agents real capabilities (e.g., moving money, shipping changes) while maintaining auditability and preventing out-of-policy actions. The system mints scoped capabilities (spend cap, allowlist, expiry) and checks every action against them, refusing violations before execution; actions are hashed, signed, and anchored append-only for later verification.
Ripple: open-source local-first authorization for AI coding agents
Ripple is an open-source, local-first authorization layer that restricts AI coding agents to only modify files they are explicitly permitted to change. It solves the problem of AI agents making unauthorized or unintended modifications across a codebase, giving developers control and trust in agentic coding workflows.
Hermes and OpenClaw reveal regulatory gap for autonomous agents
Two products released in early 2026, Hermes and OpenClaw, highlight a regulatory blind spot in runtime governance for autonomous agents. The products operate without clear oversight, raising concerns about accountability and safety in agentic AI systems.
CertLocker: DevOps control plane for secrets and MCP agent access
CertLocker is a DevOps control plane that manages secrets, tokens, and MCP (Model Context Protocol) agent access. It replaces .env files with a tokenized MCP approach, enabling secure, role-based access for LLM agents like Claude. The product targets agencies and teams using LLM agents for client work, solving the problem of managing credentials and access across distributed staff and contractors.
