🤖 AI Summary
Capframe has introduced a suite of Rust modules designed to improve capability security for AI agents that call external tools, a notable development for the part of the AI/ML community focused on compliance and risk management. The suite comprises three core modules, Find, Bind, and Guard, which together map tool surfaces, mint scoped capability tokens, and evaluate runtime policy without involving a large language model (LLM). This architecture lets developers pinpoint weaknesses such as indirect-injection gaps and ensures that every tool call is checked against an explicit security policy, aligned with compliance frameworks such as OWASP LLM and the NIST AI RMF.
The key technical features include generating detailed audits of findings, minting macaroon-style tokens that enforce permission scopes, and evaluating policy quickly with minimal latency. As organizations increasingly adopt AI, Capframe's open-source solution lets teams secure AI tool interactions effectively. Its modular design allows different teams, from security specialists to AI engineers, to adopt different parts of the tool as their strategies evolve, while the publicly accessible code keeps the implementation transparent. This strengthens operational security and brings AI deployments closer to regulatory compliance demands.
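As an added illustration (this is not Capframe's code; the project's own token format and caveat grammar are not described on this page), the Python sketch below shows the macaroon-style scoping the summary refers to: a root key mints a token, any holder can attenuate it by appending caveats that are folded into an HMAC chain, and a verifier recomputes the chain and then tests a proposed tool call against every caveat before letting it through. The root key, token id, caveat syntax and tool-call shape are constructed sample values.

```python
import hmac
import hashlib


def _chain(key: bytes, msg: str) -> bytes:
    """One link of the macaroon chain: next signature = HMAC(previous, caveat)."""
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()


def mint(root_key: bytes, token_id: str, caveats=()) -> dict:
    """Issuer side: bind a token id to the root key, then apply initial caveats."""
    tok = {"id": token_id, "caveats": [], "sig": _chain(root_key, token_id)}
    for c in caveats:
        tok = attenuate(tok, c)
    return tok


def attenuate(tok: dict, caveat: str) -> dict:
    """Holder side: appending a caveat only narrows the token and needs no root key."""
    return {"id": tok["id"], "caveats": tok["caveats"] + [caveat],
            "sig": _chain(tok["sig"], caveat)}


def _caveat_holds(caveat: str, call: dict) -> bool:
    """Constructed caveat grammar: 'tool:<name>', 'arg:<k>=<exact>', 'arg:<k>~<suffix>'."""
    kind, _, rest = caveat.partition(":")
    args = call.get("args", {})
    if kind == "tool":
        return call.get("tool") == rest
    if kind == "arg" and "=" in rest:
        name, value = rest.split("=", 1)
        return args.get(name) == value
    if kind == "arg" and "~" in rest:
        name, suffix = rest.split("~", 1)
        return str(args.get(name, "")).endswith(suffix)
    return False  # unknown caveat kinds fail closed


def verify(root_key: bytes, tok: dict, call: dict) -> tuple[bool, str]:
    """Gate a tool call: recompute the chain from the root key, then test every caveat."""
    sig = _chain(root_key, tok["id"])
    for c in tok["caveats"]:
        sig = _chain(sig, c)
    if not hmac.compare_digest(sig, tok["sig"]):
        return False, "signature mismatch: caveat list was altered or token forged"
    for c in tok["caveats"]:
        if not _caveat_holds(c, call):
            return False, f"caveat not satisfied: {c}"
    return True, "ok"


if __name__ == "__main__":
    ROOT = b"constructed-root-key"  # sample value, not a real secret
    tok = mint(ROOT, "agent-42", ["tool:send_email"])
    tok = attenuate(tok, "arg:to~@example.com")  # the agent narrows its own token
    print(verify(ROOT, tok, {"tool": "send_email", "args": {"to": "a@example.com"}}))
```

Because each caveat is folded into the signature, removing or rewriting one to widen the scope invalidates the token, while adding one never requires the root key; the same chain check is what a Guard-style runtime gate would run before every call.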