Deterministic runtime security layer for AI agents. Enforces policies for file access, network requests, process execution, and tool invocation.
Project description
IronGate
Deterministic runtime security for Python AI agents
IronGate is a local, in-process policy enforcement layer for Python-based AI agents. It intercepts file, network, process, and tool operations at the Python API level and applies deterministic allow/review/block decisions based on a JSON policy file.
Quick Start
pip install irongate
Protect a Script
irongate run my_agent.py
All file, network, process, and tool operations will be intercepted and enforced against your policy.
Use as a Library
from agentshield import shield
with shield.protect():
agent.run(query)
Features
- ✅ Deterministic enforcement - No AI/ML heuristics, pure policy-based decisions
- ✅ Multiple enforcement layers - Audit hooks + monkeypatching for defense in depth
- ✅ Local-only runtime - All processing happens in-process, no external services
- ✅ Fine-grained control - Policy rules for file, network, process, and tool operations
- ✅ Human-in-the-loop - Dashboard for reviewing and approving operations
- ✅ Audit trail - Hash-chained SQLite logs for tamper evidence
- ✅ Deny-by-default - Unknown operations are blocked by default
Intercepted Operations
- File:
open(),read(),write(),unlink(),rename(),mkdir(), and more - Network:
requests,httpx,urllib,aiohttp,socket,ssl - Process:
subprocess,os.system,os.exec*,os.spawn* - Tools: Custom function invocations through LangChain or generic wrappers
Installation
pip install irongate
Requires Python 3.8+ (audit hooks introduced in Python 3.8).
Documentation
- Full documentation: https://github.com/pratikacharya1234/Irongate#readme
- Security model: https://github.com/pratikacharya1234/Irongate/blob/main/SECURITY_MODEL.md
- Threat model: https://github.com/pratikacharya1234/Irongate/blob/main/THREAT_MODEL.md
License
MIT License - see LICENSE for details.
Contributing
Contributions welcome! See CONTRIBUTING.md for guidelines.
Status: Experimental (v0.1.0) for evaluation and feedback. Not recommended for production use without thorough testing.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file irongate-0.0.2.tar.gz.
File metadata
- Download URL: irongate-0.0.2.tar.gz
- Upload date:
- Size: 64.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e8b41ef4b4e862f4d80e33dabf12b4fd443dbaa262845e366afe52e75cce2b14
|
|
| MD5 |
7e8a4ff9b82ad5f8d98d101b574b1d02
|
|
| BLAKE2b-256 |
8ba7f5d6e948aa7574d49db39ed3377314210e8702961ef23998b6ce9513d985
|
File details
Details for the file irongate-0.0.2-py3-none-any.whl.
File metadata
- Download URL: irongate-0.0.2-py3-none-any.whl
- Upload date:
- Size: 59.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f1838fadafcfb12b09271b0c8baaeeeab360477782b8f8f8fbf059ae307e8279
|
|
| MD5 |
e9016f2ce522f53bd77daa9675fba49a
|
|
| BLAKE2b-256 |
a210190195d5918e800407d4e0c46cdf88d2cec918e3fd61ef3799cb1b259d58
|