Hunee

Most agent frameworks put safety rules in the system prompt and hope the model follows them. Wrong layer — one injection and they're gone. OpenShell enforces policy via a YAML file. A supervisor sits outside the agent and controls: 🌐 network — default deny 📁 filesystem — sandboxed workspace 🧠 inference — managed endpoint 🔑 credentials — injected at runtime Compromise the agent, the policies still hold.

7 things every team needs locked down before shipping a multi-user agent to production. Rogue agents can run up a $10K bill overnight. Agents can hallucinate for 100s of users. Most builders don't notice. Here's what you should be monitoring. TL;DR 📋 🔀 Model control - unified layer between your code and models, swap providers without breaking your stack 📝 Prompt registry - version your prompts, keep them out of the codebase, treat them like a second tier of code 🛡️ Guardrails - pre and post LLM, pre and post tool calls. Handle PII, PHI, prompt injection, and output filtering ��� Budget limiting - hard caps per model and project. The cloud providers won't do this for you 🔧 Tools & MCPs - central auth, granular permissions, test every one 📊 Monitoring & Tracing - trace every request, response, error, and latency spike ✅ Evals - before go-live and after. Catch the silent failures before your users do

𝐆𝐞𝐦𝐦𝐚 𝟒 has landed with an 𝐀𝐩𝐚𝐜𝐡𝐞 𝟐.𝟎 𝐥𝐢𝐜𝐞𝐧𝐬𝐞. That alone would be news. But what's inside these models makes it a bigger deal. 𝗧𝗟;𝗗𝗥 📝 🏗️ 4 models across 2 tiers — 𝐖𝐨𝐫𝐤𝐬𝐭𝐚𝐭𝐢𝐨𝐧 (𝟐𝟳𝗕𝗔𝟰𝗕 𝗠𝗢𝗘, 𝟯𝟭𝗕 𝗱𝗲𝗻𝘀𝗲) and 𝗘𝗱𝗴𝗲 (𝗘𝟮𝗕, 𝗘𝟰𝗕) 🧠 128 experts in the MOE, only 3.8B active per token  🔊 Native audio support on Edge models with a 50% smaller audio encoder than Gemma 3N(681M → 305M params) 👁️ New vision encoder with variable aspect ratios and resolutions — much better OCR and document understanding 🤔 Built-in chain-of-thought 𝗿𝗲𝗮𝘀𝗼𝗻𝗶𝗻𝗴 𝗮𝗰𝗿𝗼𝘀𝘀 𝘁𝗲𝘅𝘁, 𝗶𝗺𝗮𝗴𝗲𝘀, 𝗮𝗻𝗱 𝗮𝘂𝗱𝗶𝗼 🛠️ 𝗙𝘂𝗻𝗰𝘁𝗶𝗼𝗻 𝗰𝗮𝗹𝗹𝗶𝗻𝗴 𝗯𝗮𝗸𝗲𝗱 𝗶𝗻 from architecture level, not prompt-coaxed 📏 𝟭𝟮𝟴𝗞 𝗰𝗼𝗻𝘁𝗲𝘅𝘁 on edge, 𝟮𝟱𝟲𝗞 on workstation models 🌐 140 languages in pre-training, 35 in instruction tuning