A system-level defense framework for AI agents that intercepts and blocks indirect prompt injection attacks using strict instruction provenance and dynamic policy enforcement.

Deterministic execution boundary for AI systems enforcing signed approvals, replay protection, and cryptographic receipts.

Inspired from https://github.com/anthropic-experimental/sandbox-runtime. A python sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container.

Secure Agent Operating Environment — SATL envelopes + ToolGate + red-team hardened MVP (v0.1.0 RT-Hardened)