Show HN: Rampart – Open-source security for Claude and AI agents in YOLO mode(github.com)
github.com
Show HN: Rampart – Open-source security for Claude and AI agents in YOLO mode
https://github.com/peg/rampart
1 comments
This is dope! Sent you an email and would love to learn more.
How it works: you write a YAML policy that says what's allowed, denied, or flagged. Rampart evaluates every tool call against that policy before it runs. Here's what a policy looks like:
Everything gets written to a hash-chained audit trail. You can watch it live with "rampart watch" or generate HTML reports with "rampart report".
Setup for Claude Code takes one command: "rampart setup claude-code". It installs hooks that intercept every Bash command, file read, and file write before execution. Blocked commands never run — Claude sees an error and moves on.
Setup for OpenClaw agents is also one command: "rampart setup openclaw". Works on Linux and macOS.
Also works as a shell wrapper for any agent ("rampart wrap"), an MCP protocol proxy ("rampart mcp"), or an HTTP API that agent platforms can consult before executing anything ("rampart serve").
Go, ~14K lines, Apache 2.0, zero runtime deps. Policy eval takes under 20 microseconds.
I'd love feedback on what policies you'd want out of the box and what integrations matter most.