15:06
2026-06-30
github.com
ai-safety
Show HN: Bulwark β a kernel read gate so coding agents can't read .env or .ssh
Bulwark, an OS-level read gate for AI coding agents, blocks file reads at the kernel level by inode before bytes reach the agent, preventing access to protected files like .env or .ssh. It uses fanotiβ¦