RepoRadar
Leave a Tip
Item detail

provos/ironcurtain

Ironcurtain is an Apache-2.0 secure runtime for autonomous AI agents that turns a plain-English constitution into enforceable policy on the trusted-process boundary. It mediates every filesystem, network, and tool call so the agent runs with least privilege by default, with no per-call prompt games.

Open source Back to radar
Score7.8
Popularity78.0
Risknone
TierGold
Score breakdown
Usefulness8.0
Novelty8.0
Momentum7.0
Maturity7.8
Open-source/build8.4
Evidence7.2
Workflow potential9.3
Setup ease6.4

Popularity is tracked separately. Support, ads, sponsorships, and tips never affect these signals.

Why it matters

Useful for any team deploying agent workloads that touch real systems: pin down a written policy once, point Ironcurtain at your agent binary, and walk the audit log to confirm the policy actually blocks the calls you intended before promoting it to production.

Who should use it

agent platform engineerssecurity teamsregulated-industry AI deploymentsteams running agents in production with sensitive data

Who should skip it

Skip if the source link, docs, or setup requirements do not match your workflow.

Risk explanation

policy enforcement is only as good as the constitution you write; review it like a security policy, not a prompt; running agents under any sandbox is still a learning workflow; treat early runs as untrusted.

Evidence links

Closest alternatives / related signals

agent-runtimesecuritysandboxpolicyironcurtainmcpagent-trust