by P-MATRIX
98 days ago
This is exactly the kind of problem that led me to build a runtime governance layer for coding agents. Hooks alone aren't a security boundary — Anthropic and Trail of Bits both say "guardrails, not walls." The missing piece is continuous behavioral measurement: tracking tool failures, subagent spawns, and risk drift in real time, then blocking dangerous calls before execution based on a live risk score — not just pattern matching. I've been working on this at P-MATRIX (open source, Apache-2.0). The core idea: a 4-axis trust model that produces a real-time risk score R(t), and a Safety Gate that intercepts tool calls based on that score. Kill switch activates automatically when risk crosses a threshold. npm: @pmatrix/claude-code-monitor | GitHub: github.com/p-matrix/claude-code-monitor