frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: AgentShield SDK – Runtime security for agentic AI applications

https://pypi.org/project/agentshield-sdk/
2•iamsanjayk•1y ago
Hi HN,

We built AgentShield, a Python SDK and CLI to add a security checkpoint for AI agents before they perform potentially risky actions like external API calls or executing generated code.

Problem: Agents calling arbitrary URLs or running unchecked code can lead to data leaks, SSRF, system damage, etc.

Solution: AgentShield intercepts these actions:

- guarded_get(url=...): Checks URL against policies (block internal IPs, HTTP, etc.) before making the request.

- safe_execute(code_snippet=...): Checks code for risky patterns (os import, eval, file access, etc.) before execution.

It works via a simple API call to evaluate the action against configurable security policies. It includes default policies for common risks.

Get Started:

Install: pip install agentshield-sdk

Get API Key (CLI): agentshield keys create

Use in Python: from agentshield_sdk import AgentShield # shield = AgentShield(api_key=...) # await shield.guarded_get(url=...) # await shield.safe_execute(code_snippet=...)

Full details, documentation, and the complete README are at <https://pypi.org/project/agentshield-sdk/>

We built this because securing agent interactions felt crucial as they become more capable. It's still early days, and we'd love to get your feedback on the approach, usability, and policies.

Comments

subhampramanik•1y ago
Looks interesting -- Does it work like a wrapper on top of OpenAI specs? Like, can we just replace the OpenAI package with this, and it's fully integrated?
iamsanjayk•1y ago
Hey, thanks for asking! Good question.

AgentShield isn't a wrapper around the OpenAI package, so you wouldn't replace openai with it. Think of AgentShield as a separate safety check you call just before your agent actually tries to run a specific risky action.

So, you'd still use the openai library as normal to get your response (like a URL to call or code to run). Then, before you actually use httpx/requests to call that URL, or exec() to run the code, you'd quickly check it with shield.guarded_get(the_url) or shield.safe_execute(the_code).

Currently, It focuses on securing the action itself (the URL, the code snippet) rather than wrapping the LLM call that generated it.

The UK's Latest "Debanking" Scandal Should Give Everyone Pause

https://www.nakedcapitalism.com/2026/07/the-uks-latest-debanking-scandal-should-give-everyone-pau...
1•iamnothere•49s ago•0 comments

The Most Overrated American Who Ever Lived [audio]

https://www.theringer.com/podcasts/plain-english-with-derek-thompson/2026/07/03/megapod-the-most-...
1•mooreds•1m ago•0 comments

Harm Bot · Streamlit

https://harm-youtube.streamlit.app
1•cocoglare•4m ago•0 comments

How Amazon SQS fair queues work

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fair-queues-detail...
1•mooreds•4m ago•0 comments

Show HN: I'm trying to map all vacation rentals you can book direct

https://staythere.ai/
1•wthayer•6m ago•0 comments

Overshadow-JS, suncalc tells you sun angles, this tells you shadows

https://github.com/Botfather90/overshadow
1•Brandon99pt•10m ago•0 comments

Yes, Robot. Yes, Boss?

https://cutlefish.substack.com/p/tbm-428-yes-robot-yes-boss
1•mooreds•16m ago•0 comments

Apple 'Hide My Email' Vulnerability Reveals Peoples' Real Email Addresses

https://www.404media.co/apple-hide-my-email-vulnerability-reveals-peoples-real-email-addresses/
5•tjwds•17m ago•1 comments

The circuit that lets your brain think and see

https://www.engineering.columbia.edu/about/news/circuit-lets-your-brain-think-and-see
3•hhs•18m ago•0 comments

US Government says it got hacked – again

https://techcrunch.com/2026/07/02/us-government-says-it-got-hacked-again/
2•jack1689•23m ago•0 comments

The Gap Map v0.1

https://www.currentai.org/blogs/introducing-the-gap-map-v0-1#article
2•droidjj•23m ago•0 comments

Ants: Who looks after the injured in a colony?

https://www.uni-wuerzburg.de/en/news-and-events/news/detail/news/ameisen-kolonie-verletzte-pflegt/
4•hhs•28m ago•1 comments

Amsterdam invented the fire department

https://worksinprogress.co/issue/how-amsterdam-invented-the-fire-department/
12•zdw•28m ago•1 comments

GitHub offering CD-ROMs of your code for a few days

https://www.pcgamer.com/hardware/your-code-is-physically-yours-forever-until-you-lose-it-lets-be-...
2•evo_9•28m ago•1 comments

Shopify SEO Experts Can Boost Your Online Store Rankings

https://www.techwrath.com/shopify-seo-experts-boost-online-store-rankings/
2•techwrath11•32m ago•1 comments

Giant trees have no trouble pumping water to top branches

https://news.exeter.ac.uk/faculty-of-environment-science-and-economy/giant-trees-have-no-trouble-...
9•hhs•34m ago•0 comments

Steam Controller Auto-Charge – pilot to magnetic charging puck using CV

https://github.com/FossPrime/Steam-Controller-Auto-Charge
5•zdw•34m ago•0 comments

Save Claude Code Tokens with Smart Routing

https://github.com/regolo-ai/brick-SR1
2•FrancescoMassa•35m ago•0 comments

Elevating Privileges from Firefox to Android Root

https://rootme.nebusec.ai/
9•kozika•35m ago•2 comments

Dispersion loss counteracts embedding condensation in small language models

https://chenliu-1996.github.io/projects/LM-Dispersion/
7•E-Reverance•38m ago•0 comments

David Potter, the man who put Psion in the palm of your hand, logs off at 82

https://www.theregister.com/personal-tech/2026/07/03/david-potter-the-man-who-put-psion-in-the-pa...
6•sohkamyung•39m ago•1 comments

GitFut – Your GitHub stats turned into a World-Cup-style player card

https://gitfut.com
3•redbell•40m ago•0 comments

Sneaker Company Allbirds Plans to Pivot to A.I

https://www.nytimes.com/2026/04/15/us/allbirds-shoes-ai-pivot.html
2•shepherdjerred•40m ago•1 comments

Leanstral 1.5: Proof Abundance for All

https://mistral.ai/news/leanstral-1-5/
10•programLyrique•41m ago•0 comments

Show HN: Scout.kids – Agents that find activies for families

https://scout.kids
2•davmar•42m ago•0 comments

Radiolarite – "Iron of the Paleolithic"

https://en.wikipedia.org/wiki/Radiolarite
3•jumploops•46m ago•0 comments

Overturning a $1B Copyright Award Against a Broadband Provider

https://cacm.acm.org/opinion/overturning-a-1-billion-copyright-award-against-a-broadband-provider/
1•zdw•47m ago•0 comments

Coding without AI: a revolutionary new way to work

https://isaaclyman.com/blog/posts/coding-without-ai/
14•aard•47m ago•2 comments

Trip LLM safety refusals so that LLM-based code scanning wont see the malware

https://indieweb.social/@laurenshof/116720287681995824
1•radiator•47m ago•0 comments

Disputing the Declaration of Independence

https://www.historytoday.com/archive/feature/disputing-declaration-independence
3•pepys•57m ago•0 comments