Show HN: Samma Suit – Open-source 8-layer security framework for AI agents

https://sammasuit.com

1•jbwagoner•1h ago

I've been running AI agents in production for a music platform and kept hitting the same security gaps — no permission inheritance, no cost controls on nested calls, skills that could execute arbitrary code, no kill switch when things went sideways. Samma Suit is an open-source security layer that wraps any agent framework with 8 layers:

SUTRA — API gateway with rate limiting DHARMA — Permission inheritance (parent → child agents) SANGHA — Skill/tool vetting before execution KARMA — Cost controls that propagate through subagents SILA — Immutable audit trail METTA — Cryptographic identity signing BODHI — Execution isolation NIRVANA — Kill switch for runaway agents

Framework-agnostic — works with LangChain, CrewAI, AutoGPT, or raw API calls. Define policies in YAML, Samma Suit enforces them at runtime. GitHub: https://github.com/onezeroeight/samma-suit Docs: https://sammasuit.com The arxiv paper on the front page today (agents violating constraints 30-50% of the time) is exactly why we built this — constraints need to be enforced at infrastructure level, not left to the model.

Comments

jbwagoner•1h ago

A bit more on the architecture: Each layer is a middleware that wraps the agent's execution loop. When an agent calls a tool or spawns a subagent, the request passes through the stack: Agent Request → SUTRA (rate limit) → DHARMA (permissions) → SANGHA (skill check) → KARMA (cost) → Execute ↓ Agent Response ← SILA (audit log) ← METTA (sign) ← BODHI (isolate) ← NIRVANA (kill if needed) ← Policies are YAML: yamlpermissions: file_system: read: ["/data/*"] write: [] network: allowed_domains: ["api.anthropic.com"] cost: max_per_request: 0.10 max_per_session: 5.00

kill_conditions: - token_count > 100000 - execution_time > 300s - error_rate > 0.5 The key insight from running agents in production: most failures aren't the model being malicious — they're the model being helpful in ways you didn't anticipate. DHARMA and SANGHA catch those before they execute. Happy to go deeper on any layer.

Zillow wins court fight over private listings, enforcing ban on private listings

Open-source network simulators and emulators in 2026

Ex-GitHub CEO Launches a New Developer Platform for AI Agents

Pxlpal on CrowdSupply

"Just one more feature" is my new "just one more turn"

Geometric algebra: what is the inverse of a vector?

The Internet Still Works: Yelp Protects Consumer Reviews

MB Is a Lot of HTML

Show HN: Vibe – AI tool to automate social media content, posting, and reporting

Lissn.to

Bazzite Post-Mortem

Show HN: SyncKit – Open two browser tabs and watch CRDTs sync in real-time

Pgconsole

The Internet Still Works: Wikipedia Defends Its Editors

Texas Instruments to Acquire Silicon Labs

Thaw.zip: Private Subreddit Used by ICE

Why "Just Fine-Tune YOLO" Often Fails

Show HN: Shaders Public Beta – Shader Magic for Modern Frontends

Show HN: OpenClaw Guide – multilingual docs and skills leaderboard

Show HN: Self-improvement platform

OpenClaw – Hosting

Former GitHub CEO raises record $60M dev tool seed round at $300M valuation

Show HN: GrillMyPitch – An AI investor-readiness simulator for founders

I ditched Gmail for Thunderbird on my Android

How old were you when you decided to start giving up? (2010)

An Asteroid Might Slam into the Moon in 2032–and Create a Fiery Flash

Using an Engineering Notebook

Ask HN: When autosave restores an invalid client-side state

Church of Molt

Mailly