Sandboxed plugin VM with typed capabilities, deterministic replay, and time-travel debugging — written in Rust.
Native Rust runtime for adversarial extension workloads with deterministic replay, cryptographic decision receipts, and fleet-scale containment.
A scripting language for cowboy coders
plan-bound authorization architecture for governing privileged effects in untrusted computational agents.
Electron runtime layer providing protocol-based separation, component assembly, and capability-based process control.
KAIROS-ARK is a high-performance, Rust-based Agent Runtime Kernel built for industrial-grade reliability. It delivers sub-100µs dispatch latency, event-sourced deterministic replay, and kernel-enforced capability sandboxing, bridging Python prototypes and production AI systems.
The Estate's primary MCP server — GitHub, GitLab, and 115+ capability cartridges. Formally verified BoJ-server-ABI in Idris2 0.8.0 (%default total) with safety lemmas for credential isolation.
A WASM‑first, capability‑native unikernel designed to run small, isolated WASI workloads on edge/cloud hosts, providing deterministic temporal snapshots, capability‑based authority transfer, and in‑kernel verification to enable secure, auditable migration and replay. It targets security and audit-sensitive deployments and systems‑research
my tinkering notebook (blog)
The Kernel of CharlotteOS, An Experimental Modern Operating System
Cryptographic trust mediation layer for AI agent frameworks. Apache 2.0 reference architecture composing device-attested admission, short-TTL scoped capabilities, runtime continuity envelopes, context provenance anchoring, agent intent binding, FHE context gate, MCP boundary mediation, signed policy bundles, and tamper-evident audit chain.
JavaScript on genode using the Moddable XS engine
Capability-security kernel for autonomous agents — seccomp/SELinux for agentic AI. Formal, auditable, language-agnostic, cryptographically verifiable.
A capability-centric programming language. Hand-written compiler in Python.
Bounded shell and CLI execution for AI agents: structured contracts, policy-gated execution, hardened Linux runtime enforcement, and signed receipts.
🚀 Streamline agentic AI workflows with KAIROS-ARK, a robust OS focused on integrity, reproducibility, and superior governance for critical applications.
VCP — Verifiable Capability Protocol: zero-trust capability execution for AI agents. A stricter sibling of MCP where models plan and a signed gateway enforces. Signed content-addressed capabilities, proof-bound single-use grants, plan/apply, taint-aware policy.
A sample fastapi web app to integrate with a Tahoe-LAFS grid
Add a description, image, and links to the capability-security topic page so that developers can more easily learn about it.
To associate your repository with the capability-security topic, visit your repo's landing page and select "manage topics."