Show HN: A Firewall for AI agents with auditing (github.com)

🤖 AI Summary
A new tool called "trajeckt" has been introduced as a runtime enforcement gateway for AI agents, designed to block multi-step exploits that traditional security measures overlook. The system achieves deterministic enforcement in approximately 1.6 milliseconds, analyzing the entire trajectory of actions taken by an agent rather than evaluating each action in isolation. For instance, an agent that reads a database and then sends an email would typically pass through security checks, because each action appears legitimate on its own; trajeckt evaluates the whole sequence and stops the data exfiltration at the step where sensitive information would reach a forbidden endpoint.

The significance of trajeckt lies in its dual enforcement system: it combines sealed pre-session commitments with heuristic sequence detection. Before execution, agents must establish a sealed, cryptographically signed graph that outlines which tools may be used, in what order, and which data sinks are permissible. This approach prevents unauthorized actions and sets a new standard for governance in AI interactions.

Enforcing rules on full trajectories rather than isolated actions adds a layer of protection that addresses significant flaws in existing AI authorization systems and points to further advances in AI safety and responsible use.
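To make the trajectory-level idea concrete, here is an added illustration (my own code, not trajeckt's implementation or API) of the two mechanisms the summary describes: a pre-session policy graph that is sealed before the agent runs, and a gate that judges each tool call against the session so far. The HMAC-SHA256 seal stands in for whatever signature scheme trajeckt actually uses, the policy layout (`start`, `edges`, `sensitive_sources`, `sink_tools`, `allowed_sinks`) and the tool names are constructed for the example, and `TrajectoryGate` and `run_trajectory` are hypothetical names. The "read the database, then email it" sequence from the summary is replayed twice: once to an internal address that the policy committed to, and once to an outside address, which is denied at the email step even though each call is individually well-formed.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real gateway would keep this in an HSM or KMS.
DEMO_KEY = b"demo-signing-key"


def seal_policy(policy: dict, key: bytes = DEMO_KEY) -> dict:
    """Seal a pre-session policy graph: canonical JSON plus an HMAC-SHA256 tag."""
    body = json.dumps(policy, sort_keys=True, separators=(",", ":"))
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def policy_verifies(sealed: dict, key: bytes = DEMO_KEY) -> bool:
    """True only if the body still matches the tag (no tampering since sealing)."""
    expected = hmac.new(key, sealed["body"].encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sealed["tag"])


def open_policy(sealed: dict, key: bytes = DEMO_KEY) -> dict:
    """Verify the seal before trusting the graph; refuse to run on a modified policy."""
    if not policy_verifies(sealed, key):
        raise ValueError("policy seal does not verify")
    return json.loads(sealed["body"])


class TrajectoryGate:
    """Evaluates each tool call against the whole session so far, not in isolation."""

    def __init__(self, sealed: dict):
        policy = open_policy(sealed)
        self.start = set(policy["start"])                    # permitted first tools
        self.edges = {tuple(e) for e in policy["edges"]}     # permitted (prev, next) transitions
        self.sensitive_sources = set(policy["sensitive_sources"])
        self.sink_tools = policy["sink_tools"]               # tool -> argument naming its destination
        self.allowed_sinks = set(policy["allowed_sinks"])
        self.history: list[str] = []
        self.tainted = False                                 # has sensitive data entered the session?

    def check(self, tool: str, args: dict) -> tuple[bool, str]:
        prev = self.history[-1] if self.history else None
        # 1. Order: the call must be a committed start node or a committed edge from the previous tool.
        if prev is None and tool not in self.start:
            return False, f"{tool} is not a permitted first step"
        if prev is not None and (prev, tool) not in self.edges:
            return False, f"transition {prev} -> {tool} is not in the sealed graph"
        # 2. Sink: once a sensitive source has been read, data may only flow to committed sinks.
        if tool in self.sink_tools:
            dest = args.get(self.sink_tools[tool])
            if self.tainted and dest not in self.allowed_sinks:
                return False, f"sensitive data would reach forbidden sink {dest!r}"
        # 3. Record the step and track taint for later decisions.
        self.history.append(tool)
        if tool in self.sensitive_sources:
            self.tainted = True
        return True, "ok"


def run_trajectory(sealed: dict, steps: list[tuple[str, dict]]) -> list[tuple[bool, str]]:
    """Replay (tool, args) calls through one gate, stopping at the first denial."""
    gate = TrajectoryGate(sealed)
    decisions = []
    for tool, args in steps:
        verdict = gate.check(tool, args)
        decisions.append(verdict)
        if not verdict[0]:
            break
    return decisions


# Constructed sample policy: the agent may read the customer table and email a summary,
# but only to the internal ops mailbox.
SAMPLE_POLICY = {
    "start": ["db.read"],
    "edges": [["db.read", "summarize"], ["summarize", "email.send"], ["db.read", "email.send"]],
    "sensitive_sources": ["db.read"],
    "sink_tools": {"email.send": "to"},
    "allowed_sinks": ["ops@corp.example"],
}
SEALED = seal_policy(SAMPLE_POLICY)

if __name__ == "__main__":
    outside = [("db.read", {"table": "customers"}), ("email.send", {"to": "someone@external.example"})]
    internal = [("db.read", {"table": "customers"}), ("summarize", {}), ("email.send", {"to": "ops@corp.example"})]
    for name, steps in (("to outside address", outside), ("to internal address", internal)):
        print(name, run_trajectory(SEALED, steps))
```

The point the code makes is in step 2 of `check`: the email tool is allowed by the graph in both runs, and the destination argument is only rejected because an earlier step in the same session touched a sensitive source. A per-call authorizer that sees only `email.send(to=...)` has no way to make that distinction. The seal matters for the same reason: if the policy body could be edited between sealing and execution, an agent (or whatever is driving it) could add its own sink to the allow-list, so `open_policy` refuses any graph whose tag no longer verifies.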