Show HN: Bulwark – a kernel read gate so coding agents can't read .env or .ssh (github.com)

🤖 AI Summary
Obsta Labs has launched Bulwark, an OS-level security tool that acts as a read gate for AI coding agents on developer machines, protecting sensitive files such as SSH keys and environment variables. Using Linux's fanotify permission events and macOS's Endpoint Security, Bulwark regulates file access before an agent can read a file, applying policies that can deny, allow, or request consent for access. Sensitive data is therefore safeguarded at the kernel level, like a protective checkpoint within the operating system itself.

This is particularly significant for the AI/ML community, as it addresses growing concerns about security and data leakage from AI agents that require access to critical resources. Bulwark's design takes a deterministic approach that guarantees protection by verifying file access by inode rather than by file path, which prevents bypass through symlink manipulation. The tool also offers several operational modes, such as a hardened mode that uses Landlock for additional crash safety, and consent management to keep human oversight over critical decisions, making it a vital resource for developers looking to ensure integrity and security in AI deployments.
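The difference between matching on path and matching on inode can be seen in a short user-space sketch. This is an added example, not Bulwark's code: it does not use fanotify or Endpoint Security, the `ReadGate` class and file names are hypothetical, and it goes beyond the summary by also covering hard links, which share an inode with the protected file.

```python
import os
import tempfile

class ReadGate:
    """Toy deny-list policy (hypothetical), comparing two matching strategies."""

    def __init__(self, protected_paths):
        self.paths = {os.path.abspath(p) for p in protected_paths}
        # File identity is (device, inode), recorded once from the real file.
        self.ids = {(s.st_dev, s.st_ino) for s in map(os.stat, protected_paths)}

    def decide_by_path(self, requested):
        # Naive check: judges the string the caller supplied, not the file.
        # (realpath() would catch the symlink but still miss the hard link.)
        return "deny" if os.path.abspath(requested) in self.paths else "allow"

    def decide_by_inode(self, requested):
        # Open first, then judge the object behind the descriptor with fstat,
        # so the decision applies to the file that would actually be read.
        fd = os.open(requested, os.O_RDONLY)
        try:
            st = os.fstat(fd)
            return "deny" if (st.st_dev, st.st_ino) in self.ids else "allow"
        finally:
            os.close(fd)

def demo():
    """Build a constructed sample tree and return (path, inode) decisions."""
    with tempfile.TemporaryDirectory() as d:
        secret = os.path.join(d, ".env")
        with open(secret, "w") as f:
            f.write("API_KEY=constructed-sample-value\n")
        notes = os.path.join(d, "notes.txt")
        with open(notes, "w") as f:
            f.write("nothing sensitive\n")
        sym = os.path.join(d, "config.txt")
        os.symlink(secret, sym)   # second name, resolves to .env
        hard = os.path.join(d, "backup.txt")
        os.link(secret, hard)     # second name, same inode as .env
        gate = ReadGate([secret])
        cases = {"direct": secret, "symlink": sym,
                 "hardlink": hard, "unrelated": notes}
        return {name: (gate.decide_by_path(p), gate.decide_by_inode(p))
                for name, p in cases.items()}

if __name__ == "__main__":
    for name, (by_path, by_inode) in demo().items():
        print(f"{name:10} path-check={by_path:5} inode-check={by_inode}")
```
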