Hey HN, maker here. We just released v2.0 of Vigil (formerly AgentShield). We kept seeing agents get blocked by security teams because they couldn't verify who the agent was or how much it was spending. v2.0 introduces a Cryptographic Identity layer. We sign requests using RSA-2048 keys (locally) or AWS KMS (in prod) so you can verify agent actions non-repudiably. We also added a hybrid cost engine that tracks token usage offline for local models (Llama 3/Mistral) so you can dev for free. Everything is Python/Flask. Would love feedback on our new 'Lazy Loading' architecture for PII redaction.