HeadlinesBriefing favicon HeadlinesBriefing.com

Kastra adds AI agent policy enforcement

Hacker News •
×

Developers Fernando and his co-founder launched Kastra, a tool designed to provide runtime authorization for AI coding agents. The system intercepts tool calls made by agents like Claude Code, Cursor, and Codex, evaluating them against deterministic policies before execution. This addresses the risk of AI agents performing unintended or dangerous actions, such as modifying production databases.

Kastra operates by pushing an allow, hold, or deny decision for agent actions. Policies are written in plain English via a web app and evaluated in under a millisecond. The tool offers pre-built policy packs for common high-risk scenarios and logs all decisions in an immutable audit trail. The desktop app, CLI, and dashboard are available for free.

A feature called Recon scans an agent's local history for past risky actions, including touching production databases or executing shell commands from curl. This scan helps automatically generate rules to prevent future incidents, with scan data remaining local to the user's machine. The goal is to enable developers to delegate more to AI without solely trusting the probabilistic nature of LLMs, instead relying on defined rules.