
Firma-AI/openfirma

OpenFirma is an Apache-2.0 Rust sidecar that sits between an AI agent and the outside world, evaluating every outbound call against Cedar policies you control so governance happens at runtime instead of only in prompts.

Score: 7.9
Popularity: 16.0
Risk: conditional
Tier: Silver

Score breakdown

Usefulness: 7.0
Novelty: 8.0
Momentum: 5.0
Maturity: 6.1
Open-source/build: 8.4
Evidence: 7.2
Workflow potential: 8.7
Setup ease: 6.4

Popularity is tracked separately. Support, ads, sponsorships, and tips never affect these signals.

Why it matters

Useful for teams experimenting with higher-autonomy agents that need a deterministic policy layer before they touch APIs, tickets, cloud services, or other external systems.

Who should use it

security-minded agent builders, platform teams governing autonomous workflows, developers connecting agents to sensitive APIs, organizations testing policy-backed agent controls

Who should skip it

Skip if the source link, docs, or setup requirements do not match your workflow.

Risk explanation

It sits on the hot path for agent outbound actions, so policy mistakes can either block real work or accidentally permit sensitive calls you thought were constrained.

Evidence links

Closest alternatives / related signals

agent-governance, policy, security, cedar, ai-infrastructure