Developer Builds Open-Source Firewall for AI Agents After Near-Miss Database Deletion
A developer built an open-source security gateway called Bastion Gateway after a research AI agent nearly dropped a production database table, stopped only by a 403 error. The tool was designed to address two unguarded layers in the developer's Agent OSI model: identity and governance. Bastion Gateway works by enforcing per-agent allowlists, stripping sensitive data from outbound payloads, holding destructive actions for human approval, and maintaining a signed, immutable audit log. Every agent decision is recorded in an ed25519-signed JSON log following the Compliance-as-Code evidence spec, intended as verifiable proof for auditors and compliance teams. The self-hosted version is free and available on GitHub under the Apache-2.0 license, with a hosted version offering additional features currently on a waitlist.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in