HackerTrans
TopNewTrendsCommentsPastAskShowJobs

naolbeyene

no profile record

Submissions

[untitled]

1 points·by naolbeyene·6 miesięcy temu·0 comments

A runtime authorization layer for LLM agents

medium.com
1 points·by naolbeyene·6 miesięcy temu·0 comments

SudoAgent runtime guardrails for AIagent toolcalls policy and approval and audit

github.com
1 points·by naolbeyene·6 miesięcy temu·2 comments

Ask HN: How do you authorize AI agent actions in production?

6 points·by naolbeyene·6 miesięcy temu·7 comments

comments

naolbeyene
·6 miesięcy temu·discuss
I built SudoAgent, a Python library that guards “dangerous” function calls at runtime.

It’s meant for agent/tool code (refunds, deletes, API writes, prod changes) where you want a gate outside the prompt.

How it works

Evaluate a policy on the call context (action + args/kwargs)

Optionally request human approval (terminal y/n in v0.1.1)

Write audit entries (JSONL by default) and correlate with request_id

Key semantics

Decision logging is fail-closed (if decision logging fails, the function does not execute)

Outcome logging is best-effort (logging failure won’t change the function return/exception)

Redacts secret key names + value patterns (JWT-like, sk-, PEM blocks)

It’s intentionally minimal and framework-agnostic: implement your own Policy, Approver,or AuditLogger (Slack/web UI/db) and inject them.