SudoAgent runtime guardrails for AIagent toolcalls policy and approval and auditgithub.com1 points·by naolbeyene·6 mesi fa·2 comments
Ask HN: How do you authorize AI agent actions in production?6 points·by naolbeyene·6 mesi fa·7 comments
naolbeyene·6 mesi fa·discussI built SudoAgent, a Python library that guards “dangerous” function calls at runtime.It’s meant for agent/tool code (refunds, deletes, API writes, prod changes) where you want a gate outside the prompt.How it worksEvaluate a policy on the call context (action + args/kwargs)Optionally request human approval (terminal y/n in v0.1.1)Write audit entries (JSONL by default) and correlate with request_idKey semanticsDecision logging is fail-closed (if decision logging fails, the function does not execute)Outcome logging is best-effort (logging failure won’t change the function return/exception)Redacts secret key names + value patterns (JWT-like, sk-, PEM blocks)It’s intentionally minimal and framework-agnostic: implement your own Policy, Approver,or AuditLogger (Slack/web UI/db) and inject them.
It’s meant for agent/tool code (refunds, deletes, API writes, prod changes) where you want a gate outside the prompt.
How it works
Evaluate a policy on the call context (action + args/kwargs)
Optionally request human approval (terminal y/n in v0.1.1)
Write audit entries (JSONL by default) and correlate with request_id
Key semantics
Decision logging is fail-closed (if decision logging fails, the function does not execute)
Outcome logging is best-effort (logging failure won’t change the function return/exception)
Redacts secret key names + value patterns (JWT-like, sk-, PEM blocks)
It’s intentionally minimal and framework-agnostic: implement your own Policy, Approver,or AuditLogger (Slack/web UI/db) and inject them.