frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: AgentShield SDK – Runtime security for agentic AI applications

https://pypi.org/project/agentshield-sdk/
2•iamsanjayk•1y ago
Hi HN,

We built AgentShield, a Python SDK and CLI to add a security checkpoint for AI agents before they perform potentially risky actions like external API calls or executing generated code.

Problem: Agents calling arbitrary URLs or running unchecked code can lead to data leaks, SSRF, system damage, etc.

Solution: AgentShield intercepts these actions:

- guarded_get(url=...): Checks URL against policies (block internal IPs, HTTP, etc.) before making the request.

- safe_execute(code_snippet=...): Checks code for risky patterns (os import, eval, file access, etc.) before execution.

It works via a simple API call to evaluate the action against configurable security policies. It includes default policies for common risks.

Get Started:

Install: pip install agentshield-sdk

Get API Key (CLI): agentshield keys create

Use in Python: from agentshield_sdk import AgentShield # shield = AgentShield(api_key=...) # await shield.guarded_get(url=...) # await shield.safe_execute(code_snippet=...)

Full details, documentation, and the complete README are at <https://pypi.org/project/agentshield-sdk/>

We built this because securing agent interactions felt crucial as they become more capable. It's still early days, and we'd love to get your feedback on the approach, usability, and policies.

Comments

subhampramanik•1y ago
Looks interesting -- Does it work like a wrapper on top of OpenAI specs? Like, can we just replace the OpenAI package with this, and it's fully integrated?
iamsanjayk•1y ago
Hey, thanks for asking! Good question.

AgentShield isn't a wrapper around the OpenAI package, so you wouldn't replace openai with it. Think of AgentShield as a separate safety check you call just before your agent actually tries to run a specific risky action.

So, you'd still use the openai library as normal to get your response (like a URL to call or code to run). Then, before you actually use httpx/requests to call that URL, or exec() to run the code, you'd quickly check it with shield.guarded_get(the_url) or shield.safe_execute(the_code).

Currently, It focuses on securing the action itself (the URL, the code snippet) rather than wrapping the LLM call that generated it.

Cross-Ecosystem Vulnerabilities in Python Applications

https://nocomplexity.substack.com/p/cross-ecosystem-vulnerabilities-in
1•runningmike•48s ago•1 comments

Show HN: UFFS, a Rust NTFS search engine benchmarked against Everything

https://github.com/skyllc-ai/UltraFastFileSearch
1•rnio•2m ago•0 comments

Show HN: Cross provider cost management layer

https://getnable.com/
2•piosin•3m ago•0 comments

Skillrail: One versioned source for AI agent skills, synced to every tool

https://github.com/gbouziden/skillrail
2•skillrail•3m ago•0 comments

Virtual Advertising

https://en.wikipedia.org/wiki/Virtual_advertising
1•thunderbong•3m ago•0 comments

A signal engine with no training, no tokens, no neural net URL

https://github.com/JJardine919/voodoo-aoi
1•JJardine919•6m ago•0 comments

Show HN: Block distracting sites with a math or coding problem

https://sphinx.fyi/
1•hackitup7•6m ago•0 comments

Build in Public

https://slawson.org/#blog-buildinpublic
1•oxc0ffee•6m ago•0 comments

I rage-built email automation because HubSpot wanted me to talk to sales

https://charlielabs.ai/blog/rage-built-email-automation/
1•mrbbk•8m ago•0 comments

Together for a Healthier Clippy

https://blog.rust-lang.org/inside-rust/2026/07/06/unite-for-clippy/
1•vinhnx•8m ago•0 comments

How to enable post-quantum cryptography and TLS termination with HAProxy

https://www.haproxy.com/blog/how-to-enable-post-quantum-cryptography-and-tls-termination-with-hap...
1•owenthejumper•9m ago•0 comments

Wrexham AFC and Firefox announce a multi-year, front-of-kit partnership

https://blog.mozilla.org/en/firefox/wrexham-afc-firefox-partnership/
2•HieronymusBosch•10m ago•0 comments

I Recovered WhatsApp Chat History from Android to iPhone

https://n4ze3m.com/blog/recovering-whatsapp-chat-history-android-to-iphone-with-open-source-tools
1•n4ze3m•12m ago•0 comments

How tech workers are feeling in 2026: a workforce splitting in two

https://www.lennysnewsletter.com/p/how-tech-workers-are-feeling-in-2026
1•speckx•14m ago•0 comments

QuadRF – Modular 4x4 MIMO beamforming tile. SDR in the spatial domain.

https://www.youtube.com/watch?v=zdJ9Tbm8ALg
1•mhb•14m ago•0 comments

SproutGuard – I built a Screen Time detox app to stop my own doomscrolling

https://apps.apple.com/us/app/sproutguard-screen-time-detox/id6768664921
1•shantj•15m ago•0 comments

Digitized airplane logbooks – open-sourced it and looking for feedback (free)

https://github.com/iiamit/MyTailLog
1•iiamit•15m ago•1 comments

Ex-NASA boss points out small flaw in Moon landing plan: No lander

https://www.theregister.com/science/2026/07/08/ex-nasa-boss-points-out-small-flaw-in-moon-landing...
1•tcp_handshaker•16m ago•0 comments

Grillr, AI that interrogates your startup idea then holds you to real deadlines

https://www.grillr.io
1•alecavaz•16m ago•1 comments

What Snowflake, Twilio, and Cursor's pricing rollout teach about token economics

https://www.solvimon.com/blog/token-economics
1•arnon•16m ago•0 comments

OpenAI Wins AtCoder World Tour Finals 2026 Heuristic Contest

https://atcoder.jp/login?continue=https%3A%2F%2Fatcoder.jp%2Fcontests%2Fawtf2026heuristic%2Fstand...
1•artninja1988•16m ago•0 comments

Brave makes new official bypass to support uBlock Origin and more

https://www.neowin.net/news/forget-google-chrome-brave-makes-new-official-bypass-to-support-ubloc...
2•bundie•17m ago•0 comments

I Bought a Sony Walkman

https://82mhz.net/posts/2026/07/i-bought-a-sony-walkman/
3•surprisetalk•18m ago•0 comments

Windows Drops Under 60% in Global Desktop OS Share for the First Time in Years

https://linuxiac.com/windows-drops-under-60-in-global-desktop-os-share-for-the-first-time-in-years/
4•hkmaxpro•20m ago•1 comments

I turned my LinkedIn tool with 2M DMs sent into a governed LinkedIn MCP apex.new

https://www.apex.new
1•ruzgarzere•20m ago•2 comments

Microsoft Lands Initial AV1 Encoding Using DirectX 12 and HMFT Within Mesa 26.2

https://www.phoronix.com/news/Microsoft-AV1-Encode-DX12-HMFT
1•breve•20m ago•0 comments

How Liberal Law School professors fueled rise of Federalist Society

https://news.harvard.edu/gazette/story/2026/07/how-liberal-law-school-professors-fueled-rise-of-f...
1•cs702•21m ago•0 comments

Structuring Sparsity: Block-Sparse Featurizers Capture Visual Concept Manifolds

https://arxiv.org/abs/2606.25234
1•yorwba•22m ago•0 comments

Hello Hacker Rank

1•mohammedmsgm•22m ago•0 comments

Outcry as Meta lets users make AI images from public Instagram profile pics

https://www.bbc.com/news/articles/cp9lee19y1yo
2•tcp_handshaker•23m ago•0 comments