Sandboxed plugin VM with typed capabilities, deterministic replay, and time-travel debugging — written in Rust.
Native Rust runtime for adversarial extension workloads with deterministic replay, cryptographic decision receipts, and fleet-scale containment.
A scripting language for cowboy coders
plan-bound authorization architecture for governing privileged effects in untrusted computational agents.
Electron runtime layer providing protocol-based separation, component assembly, and capability-based process control.
KAIROS-ARK is a high-performance, Rust-based Agent Runtime Kernel built for industrial-grade reliability. It delivers sub-100µs dispatch latency, event-sourced deterministic replay, and kernel-enforced capability sandboxing, bridging Python prototypes and production AI systems.
The Estate's primary MCP server — GitHub, GitLab, and 115+ capability cartridges. Formally verified BoJ-server-ABI in Idris2 0.8.0 (%default total) with safety lemmas for credential isolation.
A capability-native research kernel for explicit authority, isolated execution, temporal state, and verifiable system boundaries. It is particularly efficient with WebAssembly
A capability-centric programming language. Hand-written compiler in Python.
my tinkering notebook (blog)
Security-first programming language for building high-assurance services, secure communications, privacy-aware networking tools, policy-enforced runtimes, secret-safe data pipelines, and auditable least-authority systems.
The Kernel of CharlotteOS, An Experimental Modern Operating System
Cryptographic trust mediation layer for AI agent frameworks. Apache 2.0 reference architecture composing device-attested admission, short-TTL scoped capabilities, runtime continuity envelopes, context provenance anchoring, agent intent binding, FHE context gate, MCP boundary mediation, signed policy bundles, and tamper-evident audit chain.
JavaScript on genode using the Moddable XS engine
Capability-security kernel for autonomous agents — seccomp/SELinux for agentic AI. Formal, auditable, language-agnostic, cryptographically verifiable.
Bounded shell and CLI execution for AI agents: structured contracts, policy-gated execution, hardened Linux runtime enforcement, and signed receipts.
Self-hosted control plane for authenticated remote task execution: signed dispatch, scope-bound capability tokens, policy-gated runners, and a federated overlay. Python/Rust parity. Apache-2.0.
A sample fastapi web app to integrate with a Tahoe-LAFS grid
Tiny Rust runtime turning devices you own into one cooperative compute fabric, gated by typed capabilities
Add a description, image, and links to the capability-security topic page so that developers can more easily learn about it.
To associate your repository with the capability-security topic, visit your repo's landing page and select "manage topics."