ai-runtime-guard is an MCP server that sits between your AI agent and your system. It enforces a policy layer before any file or shell action takes effect. No retraining, no prompt engineering, no changes to your agent or workflow.
Your agent can say anything. It can only do what policy allows.
What it does:
- Blocks dangerous commands (`rm -rf`, `dd`, shutdown, privilege escalation) before execution
- Gates risky commands behind human approval via a web GUI
- Simulates the blast radius of wildcard operations before they run
- Creates automatic backups before destructive actions
- Keeps a full audit trail of everything the agent does
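To give a feel for the deny / approve / allow split, here's a minimal sketch of a command classifier. The patterns, tier names, and function are illustrative assumptions on my part, not ai-runtime-guard's actual implementation:

```python
import re

# Illustrative policy tiers -- not the project's real rule set.
DENY_PATTERNS = [
    r"\brm\s+-rf\b",   # recursive force delete
    r"\bdd\b",         # raw disk writes
    r"\bshutdown\b",   # host shutdown
    r"\bsudo\b",       # privilege escalation
]
APPROVE_PATTERNS = [
    r"\bgit\s+push\s+--force\b",  # risky but sometimes legitimate
]

def verdict(command: str) -> str:
    """Return 'deny', 'approve' (needs human sign-off), or 'allow'."""
    for pat in DENY_PATTERNS:
        if re.search(pat, command):
            return "deny"
    for pat in APPROVE_PATTERNS:
        if re.search(pat, command):
            return "approve"
    return "allow"

print(verdict("rm -rf /tmp/build"))  # deny
print(verdict("git push --force"))   # approve
print(verdict("ls -la"))             # allow
```

The key design point is that this check runs in the MCP server, outside the model's control, so a jailbroken prompt can't talk its way past it.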
Works with Claude Desktop, Cursor, Codex, and any stdio MCP-compatible client. The default profile gives basic protection out of the box; advanced tiers are opt-in.
Validated on macOS Apple Silicon. Linux is expected to work; formal validation is coming in v1.1.
Would love feedback from anyone running AI agents with filesystem access.
entrustai•57m ago
The failure modes are different. An agent that deletes the wrong file causes immediate visible damage. An agent that outputs a guaranteed return, a clinical claim it can't support, or a sycophantic opener in a regulated context causes liability that surfaces weeks later in a compliance review.
The audit trail approach you've taken, with HMAC on approvals, is the right instinct for the action layer. The same logic applies to the output layer: you need to prove not just what was blocked, but that the check ran at all, against a specific versioned policy, at a specific time.
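To make that concrete, here's a rough sketch of a signed audit record. The schema, key handling, and function names are my assumptions for illustration, not the project's actual API:

```python
import hashlib
import hmac
import json
import time

# In practice the key would come from a KMS or environment, not source.
SECRET = b"audit-signing-key"

def signed_audit_record(action: str, decision: str, policy_version: str) -> dict:
    """Build an audit record and attach an HMAC over its canonical JSON form."""
    record = {
        "action": action,
        "decision": decision,
        "policy_version": policy_version,
        "ts": time.time(),
    }
    payload = json.dumps(record, sort_keys=True).encode()
    record["hmac"] = hmac.new(SECRET, payload, hashlib.sha256).hexdigest()
    return record

def verify(record: dict) -> bool:
    """Recompute the HMAC over the record minus its signature and compare."""
    claimed = record.pop("hmac")
    payload = json.dumps(record, sort_keys=True).encode()
    expected = hmac.new(SECRET, payload, hashlib.sha256).hexdigest()
    record["hmac"] = claimed
    return hmac.compare_digest(claimed, expected)
```

Because the policy version and timestamp are inside the signed payload, a later compliance review can show which rules were in force when the decision was made, not just that some check existed.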
Good work on the blast radius simulation — that's the kind of deterministic pre-flight check that makes governance defensible.
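For readers unfamiliar with the idea: the core of a wildcard pre-flight is just expanding the pattern without executing anything and reporting what would be touched. A rough sketch, with names that are mine rather than the project's:

```python
import glob

def blast_radius(pattern: str, limit: int = 20) -> list[str]:
    """Dry-run a wildcard: list the paths it would hit, without touching them.

    The limit keeps the approval UI readable when a pattern matches
    thousands of files.
    """
    matches = glob.glob(pattern, recursive=True)
    return sorted(matches)[:limit]
```

Because the expansion is deterministic for a given filesystem state, the same preview shown to the human approver is the one recorded in the audit trail.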