frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: AgentShield SDK – Runtime security for agentic AI applications

https://pypi.org/project/agentshield-sdk/
2•iamsanjayk•1y ago
Hi HN,

We built AgentShield, a Python SDK and CLI to add a security checkpoint for AI agents before they perform potentially risky actions like external API calls or executing generated code.

Problem: Agents calling arbitrary URLs or running unchecked code can lead to data leaks, SSRF, system damage, etc.

Solution: AgentShield intercepts these actions:

- guarded_get(url=...): Checks URL against policies (block internal IPs, HTTP, etc.) before making the request.

- safe_execute(code_snippet=...): Checks code for risky patterns (os import, eval, file access, etc.) before execution.

It works via a simple API call to evaluate the action against configurable security policies. It includes default policies for common risks.

Get Started:

Install: pip install agentshield-sdk

Get API Key (CLI): agentshield keys create

Use in Python: from agentshield_sdk import AgentShield # shield = AgentShield(api_key=...) # await shield.guarded_get(url=...) # await shield.safe_execute(code_snippet=...)

Full details, documentation, and the complete README are at <https://pypi.org/project/agentshield-sdk/>

We built this because securing agent interactions felt crucial as they become more capable. It's still early days, and we'd love to get your feedback on the approach, usability, and policies.

Comments

subhampramanik•1y ago
Looks interesting -- Does it work like a wrapper on top of OpenAI specs? Like, can we just replace the OpenAI package with this, and it's fully integrated?
iamsanjayk•1y ago
Hey, thanks for asking! Good question.

AgentShield isn't a wrapper around the OpenAI package, so you wouldn't replace openai with it. Think of AgentShield as a separate safety check you call just before your agent actually tries to run a specific risky action.

So, you'd still use the openai library as normal to get your response (like a URL to call or code to run). Then, before you actually use httpx/requests to call that URL, or exec() to run the code, you'd quickly check it with shield.guarded_get(the_url) or shield.safe_execute(the_code).

Currently, It focuses on securing the action itself (the URL, the code snippet) rather than wrapping the LLM call that generated it.

They got something on the Screen

https://graybeard.ing/they-got-something-on-the-screen/
1•rglover•13s ago•0 comments

How to design a cancer vaccine (and vastly improve them)

https://www.owlposting.com/p/how-to-design-a-cancer-vaccine-and
1•crescit_eundo•44s ago•0 comments

GAN Lateral Superjunction Schottky Diode

https://www.powerelectronicsnews.com/gan-lateral-superjunction-schottky-diode/
1•stmw•2m ago•1 comments

Ask HN: I use coding agents daily, but how do real engineers use them?

1•getlawgdon•4m ago•0 comments

Help Web Attackers Self Report

https://nochan.net/b/Internet-Crap/20260524-Help-Attackers-Self-Report/
1•Bender•4m ago•1 comments

Show HN: Built a Website for People Who Miss the Old Web

https://www.dailicle.com/
1•lucky-solanki•5m ago•0 comments

HTML vs. JSON for LLMs: the format was a wash, the strategy was everything

https://www.lightningjar.com/blog/barkup-bench-results
1•kevinpeckham•8m ago•0 comments

How Google and AI Nearly Made a Seasoned Reporter Spiral

https://www.propublica.org/article/google-ai-reporting
1•Jimmc414•8m ago•0 comments

Loop Engineering: Design the Loop, or Be the Loop

https://clairetsao.substack.com/p/loop-engineering-design-the-loop
1•missmoss•8m ago•0 comments

AI Rocky from 'Project Hail Mary'

https://www.raspberrypi.com/news/ai-rocky-from-project-hail-mary/
1•Brajeshwar•8m ago•0 comments

Kani: A Model Checker for Rust

https://arxiv.org/abs/2607.01504
2•Jimmc414•9m ago•0 comments

Low-Background Steel

https://en.wikipedia.org/wiki/Low-background_steel
5•mh-cx•10m ago•0 comments

What security checks should an AI-built SaaS run before launch?

https://preflightio.com
1•continium•11m ago•0 comments

Kars – treat every AI agent as untrusted code, on Kubernetes

https://github.com/Azure/kars
1•pallakatos•11m ago•0 comments

Check out this new fitness app

https://gymia.fit
1•user2121•12m ago•0 comments

Designing z-order terminology in 2d space

https://meetzaveri.medium.com/designing-z-order-terminology-for-craftbase-a-whiteboard-app-in-2d-...
1•meet_zaveri•15m ago•1 comments

Teaching the New Loop

https://freesystems.substack.com/p/teaching-the-new-loop
1•paulpauper•16m ago•0 comments

Life with Hazard Ratios

https://dynomight.net/hazard-ratios/
1•surprisetalk•16m ago•0 comments

The AI Superforecasters Are Here

https://www.astralcodexten.com/p/the-ai-superforecasters-are-here
2•surprisetalk•17m ago•0 comments

Should DayQuil Be Legal?

https://www.theargumentmag.com/p/should-dayquil-be-legal
5•paulpauper•17m ago•0 comments

Will California's Wealth Tax Raise $100B or Lose $25B?

https://everywheremillionaire.substack.com/p/will-californias-wealth-tax-raise
2•paulpauper•18m ago•0 comments

Whimsy and the Literacy Crisis [video]

https://www.youtube.com/watch?v=CkBgnfn9Y7g
1•natebc•22m ago•1 comments

There's a Good Reason You Can't Concentrate

https://www.nytimes.com/2026/03/27/opinion/technology-mental-fitness-cognitive.html
2•zeroonetwothree•22m ago•0 comments

Startup bets that investors want to trade compute like a commodity

https://www.axios.com/2026/07/06/ornn-gpu-compute-commodity
1•Brajeshwar•22m ago•0 comments

Meko Is Open for Self Sign-Up

https://www.yugabyte.com/blog/meko-self-sign-up-get-started/
2•3littlefish•22m ago•1 comments

Microsoft says it is ramping up its quantum computing security work

https://www.techradar.com/pro/security/advances-in-quantum-research-and-development-have-shifted-...
1•mooreds•24m ago•1 comments

An Interview with Eve Maler

https://ciamweekly.substack.com/p/an-interview-with-eve-maler
1•mooreds•24m ago•0 comments

Writing Node.js Addons with .NET Native AOT

https://devblogs.microsoft.com/dotnet/writing-nodejs-addons-with-dotnet-native-aot/
1•birdculture•25m ago•0 comments

Trump intervention causes World Cup storm as FIFA clears US striker Balogun

https://www.reuters.com/sports/soccer/trump-intervention-sparks-world-cup-storm-fifa-clears-balog...
3•kleiba2•25m ago•2 comments

Eternal Software Initiative Based on Subleq One-Instruction-Set Computer

https://github.com/adriancable/eternal
2•lioeters•27m ago•0 comments