Agents get more autonomous every week. The question isn't whether one fires a destructive action. It's whether you stopped it, and whether you can prove it.
Open source. Apache 2.0. https://t.co/xBMNyVGpYf
You gave an AI agent access to your file system. Right now you're trusting it not to delete the wrong thing.
Observability tools show you the disaster in a dashboard. After it happens.Tombstone stops its hand before it lands, then hands you a signed receipt of what it tried.
I built a tamper-evident audit chain for AI decisions. So I put it in your browser.
Tamper with one record. Watch the cryptographic proof collapse, live.
Not an animation. Real HMAC-SHA256 + Ed25519, the same chain `pip install air-blackbox` writes.
https://t.co/bnCrDPVAVg
Shipped 3 APIs today for AI governance:
Detect shadow AI in any professional text
Policy-check AI agent actions before they execute
Scan Python code for EU AI Act compliance
One key. One credit balance. 25 free calls/month.
Try it: https://t.co/S2akORyPSf
Shipped 3 APIs today for AI governance:
Detect shadow AI in any professional text
Policy-check AI agent actions before they execute
Scan Python code for EU AI Act compliance
One key. One credit balance. 25 free calls/month.
Try it: https://t.co/S2akORyPSf
Your AI agent just approved a $75K loan. Can you prove who authorized it? Can you prove what policy was active? We built covenants + Ed25519 bilateral receipts to answer that.
Open source, runs locally, zero cloud dependency.
Live demo: https://t.co/Xo0zXYxt9k
Your AI is making million-dollar decisions.
Nobody has audited it.
8 industries. Trillions in transactions. Zero compliance infrastructure.
I mapped the gap. Full breakdown:
https://t.co/PVncvVaTWr
I built an open-source scanner for this.
pip install air-blackbox
air-blackbox scan .
Checks 6 EU AI Act articles. Maps to 4 regulatory frameworks. Your code never leaves your machine.
Full breakdown of all 8 industries: https://t.co/PVncvVaTWr
Microsoft just shipped an "Agent Governance Toolkit."
Google's A2A protocol hit 150 orgs in production.
When the biggest companies in the world start shipping
open-source agent governance tooling, the problem is real.
Here's what we built before it got crowded: 🧵
👇 https://t.co/o1MqFIuTVh
Three types of proof in one audit chain:
→ Integrity (HMAC-SHA256): records weren't changed
→ Completeness (sequences): records weren't dropped
→ Identity (Ed25519): the right agent signed the handoff
Apache 2.0. Local-first. Zero cloud.
The verifier checks all three. Cryptographic proof.
pip install air-trust[handoffs]
Built an interactive demo so you can see it break.
9 steps walk you through the full protocol.
Then there's a red "Tamper with Chain" button.
Click it. Watch the HMAC chain detect the tamper.
We shipped Ed25519 signed handoffs in air-trust v0.6.1.
Three records. Three signatures. One interaction ID.
handoff_request → Agent A signs: "here's the task"
handoff_ack → Agent B signs: "I received it"
handoff_result → Agent B signs: "here's my output"