Skip to main content

Define the boundaries of autonomous agents.

Agent Assembly gives every AI agent an identity, limits what it can do, and keeps secrets outside the model’s reach — across in-process SDKs, a sidecar proxy, and eBPF kernel hooks.

Get started →View on GitHub
The problem

Agent frameworks help agents act. Nothing governs what they do.

Autonomous agents call tools, move money, and touch production systems — with the same credentials as the human who deployed them, and secrets sitting inside the model’s context window. Agent Assembly is the runtime boundary that was missing.

What Agent Assembly enforces

Three boundaries for every agent

🪪

Identity

Every agent gets a verifiable identity scoped to a team, so policy and audit can answer "who did this".

🛡️

Authority

Allow/deny policy, egress control, budgets, and human-in-the-loop gates limit what each agent is permitted to do.

🔑

Secret Isolation

Real credentials are injected at execution time and never enter the model context the agent can see.

How it works

Three independently-deployable interception layers

Adopt the depth you need — from a one-line SDK import to kernel-level enforcement.

SDKIn-process hooks (Python, Node.js, Go) emit events and apply pre-execution allow/deny. The fastest path.
ProxyA sidecar MitM proxy enforces network-egress policy with no code changes — catches what the SDK misses.
eBPFKernel uprobes on SSL libraries plus exec/file syscall hooks catch everything, including bypass attempts (Linux).
GatewayThe brain: agent registry, policy engine, per-team budgets, and the audit trail — over gRPC and HTTP.
Choose your path

Start open-source, or let us host it

⚙️

Open-source Core

Run the gateway, CLI, SDKs, proxy, and eBPF yourself. Free and self-hosted.

Browse the source
☁️

Hosted Control Plane

A managed cloud console for orgs, teams, policy, approvals, and audit.

Open Cloud Console
📚

Technical Docs

Architecture, install paths, policy reference, and SDK guides.

Read the docs
From the blog

Build notes, engineering, and security write-ups

Why the runtime boundary matters and how we’re building it.

Read the blog →

Give your agents a boundary.

Identity, authority, and secret isolation — in one runtime layer.

Get started →Explore the product