Open Source Proxy for Agents (github.com)

AgentShield Proxy is an open‑source, minimal PII‑safe proxy for agents that runs on AWS (API Gateway → Lambda) and is deployed with the Serverless Framework. It automatically redacts emails and SSNs in request bodies (email → [REDACTED_EMAIL], SSN → [REDACTED_SSN]) and can optionally perform a lightweight Postgres health check (SELECT 1) when a PG_DSN is provided in AWS SSM. The project packages psycopg2 into an AWS Lambda Layer so the function ZIP stays small, enforces API key access via API Gateway usage plans, handles CORS, and includes security guards (for example, blocking admin DELETE operations). Example curl responses show requests returned with redacted fields and a processed status. Why it matters: agents and ML integrations frequently touch user data and can accidentally leak PII; AgentShield gives a simple, auditable in‑path control point to sanitize payloads before they reach downstream services. Technical implications include easy integration with existing agent stacks, minimal runtime overhead thanks to layered dependencies, and a deployable pattern for prod (Node 18+, npx, AWS CLI with deploy permissions; Python 3.9 used only to build the psycopg2 layer). The repo includes build/deploy scripts and tests, making it practical for secure prototyping or production hardening of agent pipelines.