Open-source security tool for AI agents (Clay Seal)
Clay Seal is an open-source project by two AI researchers that aims to protect AI agents from exploits and unauthorized access. It addresses the rising cybersecurity incidents caused by agents gaining access to sensitive resources like GitHub tokens and cloud credentials.
Entities
Related
Attestor: open-source zero-trust boundary for autonomous AI agents
Attestor is an open-source execution boundary that enforces zero-trust security for autonomous AI agents. It uses LLMs to define and enforce policies that restrict agent actions, preventing unauthorized access or data leaks. This solves the problem of safely deploying autonomous agents in production environments.
agentsweep CLI scans AI coding agent history files for leaked secrets
A new open-source CLI tool called agentsweep scans history files of AI coding agents (Codex, Cursor, Claude Code, Cline, Aider) for plaintext secrets like API keys, DB URLs, and crypto seed phrases. It uses ~191 detection rules from gitleaks plus a dedicated BIP-39 seed phrase detector, addressing a security risk where pasted secrets persist in agent context and can be re-exposed.
CodeInspectus: open-source security scanner for AI-generated code
CodeInspectus is a fully open-source, local security scanner that checks AI-generated code for vulnerabilities. It covers 32 checks (13 AI-specific + 19 SAST) and 200+ secret/API-key patterns, catching issues like hardcoded secrets in client-side code, exposed API keys, and insecure RLS policies. It helps developers secure projects built with LLM-generated code.
Ripple: open-source local-first authorization for AI coding agents
Ripple is an open-source, local-first authorization layer that restricts AI coding agents to only modify files they are explicitly permitted to change. It solves the problem of AI agents making unauthorized or unintended modifications across a codebase, giving developers control and trust in agentic coding workflows.
Block dangerous Git and shell commands from being executed by agents
A tool that prevents LLM-powered agents from executing dangerous Git and shell commands. It solves the problem of agents accidentally or maliciously running destructive commands like force pushes or rm -rf, protecting developers and CI/CD pipelines.

