frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: AgentShield SDK – Runtime security for agentic AI applications

https://pypi.org/project/agentshield-sdk/
2•iamsanjayk•1y ago
Hi HN,

We built AgentShield, a Python SDK and CLI to add a security checkpoint for AI agents before they perform potentially risky actions like external API calls or executing generated code.

Problem: Agents calling arbitrary URLs or running unchecked code can lead to data leaks, SSRF, system damage, etc.

Solution: AgentShield intercepts these actions:

- guarded_get(url=...): Checks URL against policies (block internal IPs, HTTP, etc.) before making the request.

- safe_execute(code_snippet=...): Checks code for risky patterns (os import, eval, file access, etc.) before execution.

It works via a simple API call to evaluate the action against configurable security policies. It includes default policies for common risks.

Get Started:

Install: pip install agentshield-sdk

Get API Key (CLI): agentshield keys create

Use in Python: from agentshield_sdk import AgentShield # shield = AgentShield(api_key=...) # await shield.guarded_get(url=...) # await shield.safe_execute(code_snippet=...)

Full details, documentation, and the complete README are at <https://pypi.org/project/agentshield-sdk/>

We built this because securing agent interactions felt crucial as they become more capable. It's still early days, and we'd love to get your feedback on the approach, usability, and policies.

Comments

subhampramanik•1y ago
Looks interesting -- Does it work like a wrapper on top of OpenAI specs? Like, can we just replace the OpenAI package with this, and it's fully integrated?
iamsanjayk•1y ago
Hey, thanks for asking! Good question.

AgentShield isn't a wrapper around the OpenAI package, so you wouldn't replace openai with it. Think of AgentShield as a separate safety check you call just before your agent actually tries to run a specific risky action.

So, you'd still use the openai library as normal to get your response (like a URL to call or code to run). Then, before you actually use httpx/requests to call that URL, or exec() to run the code, you'd quickly check it with shield.guarded_get(the_url) or shield.safe_execute(the_code).

Currently, It focuses on securing the action itself (the URL, the code snippet) rather than wrapping the LLM call that generated it.

Opendray – run Claude Code/Codex agents on your own box, drive from anywhere

https://github.com/Opendray/opendray
1•navidrast•2m ago•0 comments

Roblox takes newly release Steam games and rips them off

https://old.reddit.com/r/dataisbeautiful/comments/1uogveo/oc_peak_daily_players_the_steam_game_me...
1•MrBuddyCasino•4m ago•0 comments

Ente's business metrics are open now

https://ente.com/blog/open/
1•Cider9986•7m ago•0 comments

Dev Jr Developer

1•edoschenone•8m ago•0 comments

1-Minute Chess Puzzles – A rapid tactics game I built for Android

https://play.google.com/store/apps/details?id=io.hackersway.oneminutechess&hl=en_US
1•amitgajbhare•11m ago•0 comments

Ask HN: What's the most life-changing blog post you've ever read?

1•chistev•12m ago•0 comments

Building a High-Performance C++ Backtesting Framework

https://dolphindb.com/blogs/46
2•CrazyTomato•12m ago•0 comments

Cloud Agent Lessons

https://cursor.com/blog/cloud-agent-lessons
2•shahargl•14m ago•0 comments

Best Training Management Software

https://www.qualityze.com/training-management
1•qualityze-inc•15m ago•0 comments

Show HN: OCR-grab: Flameshot clone that adds OCR

https://github.com/talalalrwas/ocr-grab
2•tgol•16m ago•0 comments

He Earns $33 an Hour as a Costco Cashier. Now He's a Millionaire

https://www.wsj.com/business/retail/he-earns-33-an-hour-as-a-costco-cashier-now-hes-a-millionaire...
3•JumpCrisscross•17m ago•0 comments

Grok 4.5 Release (Technical)

https://cursor.com/blog/grok-4-5
1•linzhangrun•19m ago•1 comments

Automate Apps with No API

https://blog.mobilerun.ai/posts/how-to-automate-apps-with-no-api
1•Messyflame•23m ago•0 comments

Tooling for AI agents to build KiCad project from simple circuit description

https://github.com/oxplot/burn2kicad
1•oxplot•23m ago•0 comments

Game devs commit their dependencies. Maybe we should too

https://nathanflurry.com/thoughts/26-03-26-manage-packages-like-game-engines/
1•resiros•25m ago•0 comments

SQLite Is Dynamically Typed (2020)

https://www.zachocean.com/posts/sqlite-is-dynamically-typed/
2•downbad_•26m ago•0 comments

GitHub Actions degraded again

https://www.githubstatus.com/incidents/cstx3v63mklm
2•gruselhaus•28m ago•0 comments

Hand it your codebase. Not your secrets

https://agentjail.io/blog/announcing-v060/
1•LuD1161•29m ago•0 comments

SpreadsheetPreview: JavaScript component to display Excel files in browser

https://spreadsheetpreview.com/
1•robbiejs•31m ago•1 comments

CVE-2026-14440: Cloudflare Universal SSL CAA records supersede user CAA

https://nvd.nist.gov/vuln/detail/CVE-2026-14440
1•David_Osipov•33m ago•0 comments

The best WebAssembly runtime may still be no runtime at all

https://00f.net/2026/07/08/webassembly-compilation-to-c-2026/
1•goranmoomin•36m ago•0 comments

Engineering the J-Space: Beyond Chain of Thought

https://github.com/mlangford75-lgtm/mlangford75-lgtm
1•Mlangford75•36m ago•0 comments

Show HN: N3MO – Deterministic code intelligence via AST parsing, no embeddings

https://github.com/RajX-dev/N3MO
1•RajX_dev•36m ago•0 comments

Build your own agentic framework – the no-magic version

https://medium.com/@kirill89/build-your-own-agentic-framework-the-no-magic-version-8858d5ee94d0
1•k1r111•38m ago•0 comments

Claude "Honeycomb" spotted and pulled from Cursor, unannounced Anthropic model

https://twitter.com/chetaslua/status/2075064406116065416
2•alecavaz•39m ago•1 comments

$100k to keep CTFs competitive in the age of AI

https://osec.io/blog/save-ctfs-fund/
1•stuxf•42m ago•0 comments

Grok Is Back

https://www.vincentschmalbach.com/grok-is-back/
1•vincent_s•43m ago•0 comments

Decispher – System of record and action for engineering teams

https://decispher.com
6•cool_coder12•43m ago•0 comments

Google patched AI chatbot flaw that could expose customer conversations

https://www.axios.com/2026/07/07/varonis-google-ai-agent-chatbot-security?
2•crowd51•45m ago•0 comments

Mastodon, the Only Good Choice

https://www.tbray.org/ongoing/When/202x/2026/07/05/Choose-Mastodon
4•robin_reala•46m ago•0 comments