Show HN: Jo – AI-native language to catch prompt injection at compile-time (github.com)

Jo, an early-stage statically typed programming language, aims to enhance security in AI-generated code by enforcing capability boundaries at compile time. Unlike traditional runtime sandboxes that only block certain system calls or file paths, Jo ensures that functions can only access specific capabilities they have been granted. This is managed through explicit capability declarations and compiler checks that prove compliance across the entire call graph. For example, functions are unable to invoke capabilities unless explicitly allowed, significantly reducing the risk of vulnerabilities like prompt injection. This significant approach addresses a growing concern in AI/ML, where agents generate code that could potentially compromise user data or system integrity. By compiling to Ruby and Python, and providing a clear security model, Jo offers a promising solution for developers looking to leverage AI while safeguarding their applications. As the project evolves, it presents an opportunity for serious experimentation in capability-enforced coding practices, potentially setting a new standard for secure AI integration.