HackerTrans
TopNewTrendsCommentsPastAskShowJobs

yaront111

no profile record

Submissions

[untitled]

1 points·by yaront111·2 เดือนที่ผ่านมา·0 comments

[untitled]

1 points·by yaront111·5 เดือนที่ผ่านมา·0 comments

LangChain, AutoGen, CrewAI, Temporal: What breaks when you need governance?

1 points·by yaront111·6 เดือนที่ผ่านมา·0 comments

Show HN: I built a firewall for agents because prompt engineering isn't security

github.com
7 points·by yaront111·6 เดือนที่ผ่านมา·7 comments

Show HN: I built a "sudo" mechanism for AI agents

github.com
2 points·by yaront111·6 เดือนที่ผ่านมา·2 comments

[untitled]

1 points·by yaront111·6 เดือนที่ผ่านมา·0 comments

comments

yaront111
·6 เดือนที่ผ่านมา·discuss
That’s a sharp observation. You’re partially right CAP (our protocol) handles the structural canonicalization. We use strict Protobuf/Schematic definitions, so if an agent sends a messy JSON that doesn't fit the schema, it’s rejected at the gateway. We don't deal with 'raw text' tool calls in the backend. But you are touching on the semantic aliasing problem (e.g. rm -rf vs rm -r -f), which is a layer deeper. Right now, we rely on the specific Worker to normalize those arguments before they hit the policy check, but having a universal 'Canonical Action Representation' upstream would be cleaner. If you can turn 'messy intent' into a 'deterministic hash' before it hits the Cordum Scheduler, that would be a killer combo. Do you have a repo/docs for CAR yet?
yaront111
·6 เดือนที่ผ่านมา·discuss
try this for security and scale cordum.io
yaront111
·6 เดือนที่ผ่านมา·discuss
i just built Cordum.io .. should give u 100% deterministic security open sourced and free :)
yaront111
·6 เดือนที่ผ่านมา·discuss
i built deterministic 100% solution cordum.io
yaront111
·6 เดือนที่ผ่านมา·discuss
[flagged]
yaront111
·6 เดือนที่ผ่านมา·discuss
Thank u ! would love feedback and helping hand !
yaront111
·6 เดือนที่ผ่านมา·discuss
Here is a 100% deterministic solution

Cordum.io
yaront111
·6 เดือนที่ผ่านมา·discuss
Exordex is a great tool for the CI/CD pipeline to test agents. Cordum is the Runtime Kernel that enforces those policies in production. Ideally? You use Exordex to test that your agent works, and Cordum to guarantee it stays safe.
yaront111
·6 เดือนที่ผ่านมา·discuss
Great question. This is actually a core design principle of the Cordum Agent Protocol (CAP).

It’s definitely a *structured rejection*, not a silent fail. Since the LLM needs to "know" it was blocked to adjust its plan, the kernel returns a standard error payload (e.g., `PolicyViolationError`) with context.

The flow looks like this: 1. *Agent:* Sends intent "Delete production DB". 2. *Kernel:* Checks policy -> DENY. 3. *Kernel:* Returns a structured result: `{ "status": "blocked", "reason": "destructive_action_limit", "message": "Deletion requires human approval" }`. 4. *Agent (LLM):* Receives this as an observation. 5. *Agent (Re-planning):* "Oh, I can't delete it. I will generate a slack message to the admin asking for approval instead."

This feedback loop turns safety from a "blocker" into a constraint that the agent can reason around, which is critical for autonomous recovery.
yaront111
·6 เดือนที่ผ่านมา·discuss
It is overkill for a demo. But for my production environment, I need an external safety layer. I can't rely on 'prompt engineering' when real data is at stake.
yaront111
·6 เดือนที่ผ่านมา·discuss
Really appreciate the feedback to improve:)