guardplane 1.0.0

Policy-enforcing runtime kernel and sandboxed runner for AI agents

Guardplane

Security kernel + sandboxed runner for AI agents.

Guardplane sits between an AI agent and the operating system. It enforces deny-by-default policy, approval gates, workspace sandboxing, MCP tool routing, and replayable audit logs.

What it does

• capability-based policy enforcement
• workspace filesystem sandbox
• approval queue and audited resume
• JSONL event log and replay
• MCP registry and tool routing
• wrapper execution via bridge and contained modes

Guardplane is not an agent framework. It is a runtime control plane for existing agents, wrappers, CI jobs, and deterministic runners.

Install

Install the CLI and daemon:

pipx install guardplane

If you want the examples and validation scripts, use a source checkout:

git clone https://github.com/lhy0718/Guardplane.git
cd Guardplane
pipx install .

Quickstart

export GUARDPLANE_AUTH_TOKEN="$(python3 -c 'import secrets; print(secrets.token_hex(24))')"
guardplaned
guardplane --auth-token "$GUARDPLANE_AUTH_TOKEN" init

Then create a workspace, register an agent, and run a guarded job. Full examples live in the repository.

Project links

• Repository: github.com/lhy0718/Guardplane
• README: Quickstart and usage
• Operations guide: docs/OPERATIONS.md
• Security hardening: docs/SECURITY_HARDENING.md
• Real-agent validation: docs/REAL_AGENT_VALIDATION.md

Release status

Guardplane is intended for self-hosted deployments and does not claim full kernel-grade isolation.