Runtime Safety Infrastructure for AI Agents

nono.sh · TheTaytay · 1 day ago · view on HN · tool
quality 3/10 · low quality
0 net
AI Summary

nono is a runtime security infrastructure for AI agents providing kernel-enforced process isolation, capability-based access control, and immutable auditing through multi-language SDKs (Python, TypeScript, Rust, C FFI). It enables deny-by-default policies for filesystem, network, and secrets access to prevent agents from inheriting full user privileges.

Tags
ai-agent-security runtime-isolation sandbox capability-based-security kernel-enforced-isolation access-control supply-chain-security container-security security-tool multi-language-sdk
Entities
nono Sigstore PyPI Homebrew Maven Google GitHub NVIDIA Zenity Semgrep Bit Complete
Next-Generation Agent Security | nono Runtime Safety Infrastructure for AI Agents Kernel-enforced isolation, immutable auditing, and atomic rollbacks — built into the CLI and native SDKs. Get Started Documentation Homebrew Crates > brew install nono From the creator of Sigstore The industry standard for software signing, used by PyPi, Homebrew, Maven and Google, GitHub, NVIDIA Learn more Learn more Learn more Learn more Learn more Python import nono_py as nono caps = nono . CapabilitySet ( ) caps . allow_path ( "/project" , nono . AccessMode . READ_WRITE ) caps . block_network ( ) nono . apply ( caps ) TypeScript import { CapabilitySet , AccessMode , apply } from 'nono-ts' ; const caps = new CapabilitySet ( ) ; caps . allowPath ( '/project' , AccessMode . ReadWrite ) ; caps . blockNetwork ( ) ; apply ( caps ) ; Rust use nono :: { CapabilitySet , AccessMode , Sandbox } ; let caps = CapabilitySet :: new ( ) . allow_path ( "/project" , AccessMode :: ReadWrite ) ? . block_network ( ) ; Sandbox :: apply ( & caps ) ? ; C FFI bindings for any language with C interop C C++ Go Swift Ruby Zig “ OS-Level Isolation for AI Agents. Really awesome work and resource here ” Chris Hughes VP, Security Strategy @ Zenity “ Neat project, thanks for sharing! I like the OS-specific security primitives, useful built-in profiles, and being able to customize what's allowed/blocked. ” Clint Gibler Head of Security Research at Semgrep “ I integrated nono into my project this weekend and it was a breeze to work with! ” Terra Tauri Senior Engineer II, Bit Complete “ nono hits the real problem: agents shouldn’t inherit full user trust by default. Treating them like untrusted processes, with deny-by-default filesystem, network, and secrets access, feels like the right baseline going forward. ” snapsec Centralising Application Security “ Beautiful work! It is encouraging to see kernel security being taken seriously, especially during this current episode of OpenClaw and Moltbot. ” Cuong Nguyen Cloud Architect and System Engineer Get Started Read the Docs
← Back to stories