Show HN: The only CLI your AI agent will need (github.com)

A new command-line interface (CLI) tool called Earl has been introduced to enhance security for AI agents interacting with external services. Positioned between AI agents and these services, Earl protects sensitive information by storing secrets in the operating system's keychain and ensuring that all outbound requests adhere to strict, reviewed templates rather than allowing unrestricted access. This significant development addresses a critical vulnerability where AI agents with shell or network access could potentially exploit plaintext secrets and make arbitrary API calls. Earl employs a structured template system using HashiCorp Configuration Language (HCL), enabling users to define commands and their parameters while enforcing security measures such as sandboxing for Bash and SQL executions. Users can easily install Earl, regardless of operating system, through simple curl commands. Moreover, it features automated blocking of private IPs to mitigate server-side request forgery (SSRF) risks and ensures that all outgoing traffic complies with defined egress rules. This integration of security with ease of use positions Earl as a crucial tool for developers and organizations looking to safely deploy AI agents in real-world applications.