{"slug": "brex-open-sources-crabtrap-to-secure-enterprise-ai-agents", "title": "Brex open sources CrabTrap to secure enterprise AI agents", "summary": "Brex open-sourced CrabTrap, an HTTP proxy that intercepts AI agent network traffic and uses an LLM judge to approve or deny requests in real time, addressing security gaps in autonomous agent deployments. The platform combines deterministic rules with AI evaluation, audit trails, and a policy generator to control API access and prevent prompt injection attacks.", "body_md": "# Brex open-sources CrabTrap, a proxy that polices AI agents before they go rogue with your API keys\n\nThe fintech company built an HTTP proxy that intercepts AI agent network traffic and uses an LLM judge to approve or deny requests in real time\n\nBrex has open sourced CrabTrap, an internal security platform designed to control how autonomous AI agents access APIs, credentials and online services.\n\nThe platform was developed as Brex explored how to deploy agent frameworks such as OpenClaw across its operations. The company found that traditional model guardrails and tool permissions were not enough to control agents with access to API keys, OAuth tokens and service accounts.\n\nCrabTrap operates as an HTTP and HTTPS proxy positioned between an agent and every outbound network request. It examines traffic against established policies before deciding whether a request should be approved or blocked.\n\nUsers route agent traffic through the platform by configuring their HTTP_PROXY and HTTPS_PROXY environment settings. This allows CrabTrap to work across different programming languages, frameworks and APIs without requiring individual SDK integrations.\n\nThe system combines deterministic rules with an AI model that evaluates requests outside known traffic patterns. Brex said the AI judge typically activates for fewer than 3% of requests after an agent has established predictable behavior.\n\nBrex also built a policy generator that studies historical network traffic while agents operate in shadow mode. It samples requests and drafts natural language policies based on how the agents actually behave.\n\nAn evaluation system then compares proposed policy changes against previous traffic before they are deployed. CrabTrap stores full audit trails and can flag repeated denials so a person or another agent can propose an updated policy.\n\nOne of the main development challenges was prompt injection. Because the AI judge receives HTTP requests containing user controlled information, a malicious URL, header or request body could attempt to manipulate its decision.\n\nBrex addressed the issue by converting requests into structured JSON before passing them to the model, ensuring user controlled content is escaped rather than inserted as raw text.\n\nThe company said CrabTrap has increased internal confidence in deploying autonomous agents across more business operations. Its audit logs have also helped Brex identify unnecessary tools, requests and token usage within its agent systems.\n\nBrex plans to expand CrabTrap with single sign on, role based access controls, permission escalation workflows and automated policy management.\n\nThe open source project has already attracted more than 700 GitHub stars, with Brex reporting interest from OpenAI, Y Combinator CEO Garry Tan and developer Pete Steinberger.\n\n**Disclosure:** This article was edited by Editorial Team. For more information on how we create and review content, see our\n\n[Editorial Policy](https://cryptobriefing.com/editorial-policy/).", "url": "https://wpnews.pro/news/brex-open-sources-crabtrap-to-secure-enterprise-ai-agents", "canonical_source": "https://cryptobriefing.com/brex-crabtrap-ai-agent-security/", "published_at": "2026-07-17 17:55:18+00:00", "updated_at": "2026-07-17 18:05:52.259280+00:00", "lang": "en", "topics": ["ai-agents", "ai-safety", "ai-tools", "ai-infrastructure", "ai-policy"], "entities": ["Brex", "CrabTrap", "OpenClaw", "OpenAI", "Garry Tan", "Pete Steinberger"], "alternates": {"html": "https://wpnews.pro/news/brex-open-sources-crabtrap-to-secure-enterprise-ai-agents", "markdown": "https://wpnews.pro/news/brex-open-sources-crabtrap-to-secure-enterprise-ai-agents.md", "text": "https://wpnews.pro/news/brex-open-sources-crabtrap-to-secure-enterprise-ai-agents.txt", "jsonld": "https://wpnews.pro/news/brex-open-sources-crabtrap-to-secure-enterprise-ai-agents.jsonld"}}