A lot of AI-agent safety tooling is framed around blocking bad actions.
Blocking matters, but it is not enough.
If a guard blocks 100 actions, I still want to know whether those decisions were correct. If it allows one action, I want to know why that action was allowed. If something goes wrong later, I want a record that can be inspected without replaying a whole chat transcript.
That is the idea behind Armorer Guard.
Armorer Guard is about runtime decision records for agent actions: compact receipts that explain what was requested, what policy or rule evaluated it, what evidence was used, what decision was made, and what changed afterward.
Repo: https://github.com/ArmorerLabs/Armorer-Guard
The shape I keep coming back to is:
- requested action
- actor / session / run id
- tool or capability
- normalized params or params hash
- policy or gate version
- decision
- reason code
- result
- evidence bundle or replay pointer
The point is not to make agents less useful. The point is to make consequential agent behavior inspectable.
A model transcript is good debugging context, but it should not be the only audit record. The action boundary should leave boring, structured evidence.
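An added example (not code from the Armorer Guard repo) of a receipt with the fields listed above, written at the action boundary for both allow and deny decisions. The policy, reason codes, `fs.write` tool name, `/workspace/` root and `transcript://` pointer are constructed for illustration.

```python
import hashlib, json, posixpath
from dataclasses import dataclass

POLICY_VERSION = "example-policy-v1"   # constructed version label
WORKSPACE = "/workspace/"              # constructed allow-list root

@dataclass(frozen=True)
class Receipt:
    action: str
    actor: str
    session_id: str
    run_id: str
    tool: str
    params_hash: str
    policy_version: str
    decision: str
    reason_code: str
    result: "str | None"
    evidence_ref: str

def normalize(params: dict) -> dict:
    # Collapse '..' and '//' so equivalent requests hash and compare equal.
    return {k: posixpath.normpath(str(v)) if k == "path" else v for k, v in params.items()}

def params_hash(params: dict) -> str:
    """SHA-256 over canonical JSON (sorted keys, no whitespace) of normalized params."""
    blob = json.dumps(normalize(params), sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode()).hexdigest()

def evaluate(tool: str, params: dict) -> tuple:
    """Toy policy: every outcome, allow included, carries a reason code."""
    if tool != "fs.write":
        return "deny", "TOOL_NOT_ALLOWLISTED"
    if not params.get("path", "").startswith(WORKSPACE):
        return "deny", "PATH_OUTSIDE_WORKSPACE"
    return "allow", "PATH_IN_WORKSPACE"

def guard(actor, session_id, run_id, tool, params, execute, evidence_ref) -> Receipt:
    """Decide on normalized params, run the tool only on allow, return a receipt either way."""
    norm = normalize(params)
    decision, reason = evaluate(tool, norm)
    result = execute(norm) if decision == "allow" else None
    return Receipt(f"{tool}:{norm.get('path', '')}", actor, session_id, run_id, tool,
                   params_hash(params), POLICY_VERSION, decision, reason, result, evidence_ref)

if __name__ == "__main__":  # constructed sample request: path resolves outside the workspace
    print(guard("agent-1", "sess-1", "run-1", "fs.write",
                {"path": "/workspace/../etc/passwd", "content": "x"},
                lambda p: "wrote", "transcript://sess-1/run-1#turn-7"))
```

Because the policy sees the normalized path and the hash covers the same normalized params, two requests that differ only in key order or path spelling produce the same `params_hash`, so receipts can be grouped without storing raw arguments.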
If you are building agent gateways, MCP tooling, coding-agent guardrails, eval harnesses, or approval systems, I would love feedback on the repo. A star is appreciated, but a sharp issue or critique is even better.