ironcurtain
Active · ★ 476 · Apache-2.0 · Updated 2026-05-28
Categories: Security & Safety, LLM Infra
A secure* runtime for autonomous AI agents. Policy from plain-English constitutions. (*https://ironcurtain.dev)
IronCurtain provides a secure runtime for autonomous AI agents, enforcing security policies derived from human-readable constitutions so that the effects of issues like prompt injection are contained at the runtime boundary. It keeps agents within defined boundaries through mechanisms like V8 isolates and a policy engine that mediates every tool call.
Tags: AI Agents, Security, Runtime, Policy Engine, LLM, Sandboxing, Prompt Injection, Docker
01 Features
01 Constitution-driven Security Policy: Define security intent in plain English, which is then compiled into deterministic and enforceable rules.
02 Semantic Interposition & Runtime Enforcement: All agent interactions and tool calls are routed through a policy engine that allows, denies, or escalates each one based on policy.
03 Untrusted Agent Model: Assumes the LLM may be compromised (e.g., by prompt injection or drift), enforcing security at the boundary regardless of the model's behavior.
04 Multi-mode Operation: Supports both an internal LLM agent running in a V8 sandbox (Code Mode) and external agents running in Docker containers (Docker Agent Mode).
05 Built-in Capabilities: Ships with pre-configured MCP servers for filesystem, Git, web fetching, and GitHub operations, all governed by policy.
02 Compatibility
Node.js (Runtime) - Verified via docs
Docker (Containerization) - Verified via docs
Anthropic API (LLM Provider) - Verified via docs
Google Generative AI API (LLM Provider) - Verified via docs
OpenAI API (LLM Provider) - Verified via docs
03 Quick start
1. $ npm install -g @provos/ironcurtain
04 Use cases
↳Securely Automating Development Tasks: Allowing AI agents to manage files and execute Git operations like cloning and pushing changes within defined security boundaries.
↳Autonomous Code Management and Bug Fixing: Using agents to fix failing tests or perform code modifications in a project workspace under policy enforcement.
↳Controlled API Interactions: Enabling agents to interact with web services (e.g., web search, GitHub APIs) with granular policy control over each specific API call.
↳Managing AI Agent Security in Complex Environments: Running external AI agents (e.g., Claude Code, Goose) securely within a Docker container, with IronCurtain mediating every tool call through its policy engine.
↳Remote Agent Control and Escalation Handling: Interacting with and approving agent actions via end-to-end encrypted messaging platforms like Signal.
05 Alternatives
awesome-n8n-templates (★ 22.6k)
Supercharge your workflow automation with this curated collection of n8n templates! Instantly connect your favorite apps, like Gmail, Telegram, Google Drive, Slack, and more, with ready-to-use, AI-powered automations. Save time, boost productivity, and unlock the true potential of n8n in just a few clicks.
FastMCP (★ 25.4k)
The fast, Pythonic way to build MCP servers and clients. Designed by the Pydantic team for type safety and speed.
ragflow (★ 81.5k)
RAGFlow is a leading open-source Retrieval-Augmented Generation (RAG) engine that fuses cutting-edge RAG with Agent capabilities to create a superior context layer for LLMs.
Context7 (★ 56.4k)
MCP Server that provides up-to-date code documentation for LLMs and AI code editors.
GitHub MCP Server (★ 30.3k)
GitHub's official MCP Server. Allows AI agents to interact directly with your GitHub repositories (read files, search code, issues).
Comments
- Quinn Patel, May 18, 2026
Used as the policy layer for production agents handling sensitive operations
- Sasha Zhang, May 12, 2026
The constitutional approach scales to complex policies without code changes
- Cameron Clark, May 6, 2026
The policy enforcement is secure without requiring security expertise to configure
- Oakley Chen, Mar 4, 2026
Plain-English constitutional policies for AI agent runtime is the right UX for governance