Show HN: Telos – eBPF/LSM Runtime Security for Autonomous AI Agents (github.com)

Telos has been introduced as a groundbreaking Linux kernel-level security runtime designed to govern the behavior of autonomous AI agents using Natural Language Intent Declarations, eBPF/LSM syscall gates, and real-time Information Flow Control. This innovative framework allows programs to declare their intents in plain English—for example, "I need to download a weather report from weather.com"—which Telos translates into precise operational boundaries, ensuring that programs execute only the actions they claim to intend. By operating at the kernel level, Telos creates dual enforcement gates that intercept system calls related to execution and networking, effectively locking applications down and reducing the risk of exploitation, even by root-level malware. This development is significant for the AI/ML community as it introduces a new paradigm for runtime security, particularly in safeguarding sensitive data against unauthorized access. Telos leverages advanced techniques such as cross-vector taint tracking, which dynamically escalates the taint level of processes that access sensitive files, triggering immediate network lockdowns to prevent data exfiltration. With eBPF hash map implementations, Telos achieves zero-copy lookups and minimal overhead, making it suitable for enterprise-scale applications. The combination of dynamic policy generation, robust monitoring, and real-time threat response positions Telos as a promising solution for enhancing the security of AI agents in complex environments.