So I created Korveo.
Korveo runs on your computer between your agent and its tools.
Here is what Korveo does:
1. Korveo records every single tool and application programming interface call that the agent makes
2. Korveo lets you replay the sessions like a recording of a flight
3. Korveo blocks behavior right away like when the agent tries to leak data or connect to a bad host or when it tries to mix up information from different sessions
All of Korveos work happens on your computer. There is no cloud involved. You do not need to make an account. Everything that Korveo does stays on your machine.
Korveo is still a thing so there are some issues.
For example:
1. The language that Korveo uses to make rules is not good
2. Korveo does not work well with all frameworks
3. Korveo is not a space to test an agent that has been fully compromised
But even with these issues Korveo is already useful if you are working with autonomous agents and you want to see what they are doing and you want to make sure they do not do anything bad.
I would really like to hear your thoughts, on Korveo.
amitbidlan•18m ago
1. The reason I like local-first is that I do not want logs from tools and agents going to some company.
With DuckDB everything stays on your system so you have control over it.
2. I want to be honest about something. Korveo is between the agent and the tools it uses.
If the agent itself is compromised it can still get around Korveo.
So Korveo is, like a guard that helps keep things safe. It also keeps a record of what happens.
It is not a solution but it helps.
I am happy to talk about how Korveo works with policies or how it supports certain frameworks if people want to know more about Korveo.