We built something different: a runtime layer that intercepts tool calls and enforces policy (filesystem, HTTP, shell, etc).
Example: Agent reads a webpage → becomes tainted Then tries to access sensitive files → blocked Then tries exfiltration → quarantined
Repo: https://github.com/AriKernel/arikernel
Curious if others are thinking about agent security this way.