Show HN: My OpenClaw tried to exfiltrate my SSH keys, so I built a guardrail (github.com)

A developer has introduced Crust, a local security gateway designed to protect AI agents from unauthorized access to sensitive data. This tool intercepts and monitors actions initiated by AI agents, such as file reads, shell commands, and network requests, blocking any dangerous operations before execution. Notably, Crust operates entirely on the user's machine, ensuring that no data is transferred to external servers. It supports various operating systems and integrates seamlessly with popular LLMs without requiring modifications to existing code. Crust is significant for the AI/ML community as it addresses the growing concerns regarding data security and privacy, especially with the increasing use of AI agents in sensitive environments. It comes equipped with 14 built-in security rules and 19 data loss prevention (DLP) patterns that can detect potential breaches involving credentials, system authentication data, and even private keys. By employing a multi-layer scanning approach, where tool calls are filtered both before they reach the LLM and after the LLM’s responses are generated, Crust offers real-time protection against security threats. As an open-source project, it invites community contributions to enhance its security rules, further promoting collaborative development in AI safety.