Hey everyone!
π GitHub Repo: https://github.com/Twix1288/W.H.A/tree/main
With tools like Cursor, Claude Desktop, and various MCP servers becoming part of our daily workflows, I started worrying a bit about the attack surface of having autonomous, stateful AI agents running locally. What happens if an agent pulls down a poisoned package or executes a malicious tool?
To try and solve this for myself, I built W.H.Agent (White Hat Agent). Itβs an open-source CLI and sandboxing tool designed to act as a pre-execution and runtime defense for AI agents.
To be completely honest, itβs still very much a work in progress (the OS-native sandboxing is currently macOS-only, for example), and Iβm sure there are edge cases I haven't even thought of yet. But I decided to open-source it today because I genuinely want to see if this approach brings value to other developers.
A few things it currently does:
- Global Auto-Discovery: Scans your machine to find where agents/MCP servers are installed.
- AST Taint Tracking: Parses agent scripts to detect data exfiltration before it runs.
- OS-Native Sandboxing: Wraps execution in sub-millisecond sandboxes (using macOS Seatbelt profiles currently) instead of heavy Docker containers.
- Secure npm Installs: Checks for typosquatting and supply chain risks.
I figured the best way to learn and improve it is to put it out there. If you have a few minutes, I would be incredibly grateful if you checked it out or gave it a quick roast. Is this something you would use in your workflow?
Thanks so much for your time, and I'm looking forward to any feedback (the good, the bad, and the ugly)!
Top comments (0)