{"id":42549624,"url":"https://github.com/akios-ai/akios","last_synced_at":"2026-03-14T16:01:39.094Z","repository":{"id":333288242,"uuid":"1076144444","full_name":"akios-ai/akios","owner":"akios-ai","description":"Secure runtime for multi-agent AI. Kernel sandboxing (seccomp-bpf), real-time PII redaction, Merkle audit trails.","archived":false,"fork":false,"pushed_at":"2026-02-26T10:55:22.000Z","size":3316,"stargazers_count":5,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-02-26T16:40:42.079Z","etag":null,"topics":["agentic-ai","ai-agents","ai-safety","artificial-intelligence","compliance","eu-ai-act","machine-learning","merkle-tree","multi-agent","open-source","pii-redaction","python","runtime-enforcement","sandboxing","seccomp","trustworthy-ai","zero-trust"],"latest_commit_sha":null,"homepage":"https://akios.ai","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/akios-ai.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":"SUPPORT.md","governance":"GOVERNANCE.md","roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":"DCO.md","cla":null},"funding":{"github":["akios-ai"]}},"created_at":"2025-10-14T13:13:25.000Z","updated_at":"2026-02-26T10:55:26.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/akios-ai/akios","commit_stats":null,"previous_names":["akios-ai/akios"],"tags_count":23,"template":false,"template_full_name":null,"purl":"pkg:github/akios-ai/akios","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akios-ai%2Fakios","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akios-ai%2Fakios/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akios-ai%2Fakios/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akios-ai%2Fakios/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/akios-ai","download_url":"https://codeload.github.com/akios-ai/akios/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/akios-ai%2Fakios/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30052312,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-03T15:26:47.567Z","status":"ssl_error","status_checked_at":"2026-03-03T15:26:17.132Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agentic-ai","ai-agents","ai-safety","artificial-intelligence","compliance","eu-ai-act","machine-learning","merkle-tree","multi-agent","open-source","pii-redaction","python","runtime-enforcement","sandboxing","seccomp","trustworthy-ai","zero-trust"],"created_at":"2026-01-28T19:02:58.310Z","updated_at":"2026-03-14T16:01:39.081Z","avatar_url":"https://github.com/akios-ai.png","language":"Python","funding_links":["https://github.com/sponsors/akios-ai"],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"https://raw.githubusercontent.com/akios-ai/akios/main/assets/logo.png\" alt=\"AKIOS\" width=\"180\"/\u003e\n  \u003ch1\u003eAKIOS\u003c/h1\u003e\n  \u003ch3\u003eThe open-source security cage for AI agents\u003c/h3\u003e\n  \u003cp\u003e\n    \u003cstrong\u003eKernel-hard sandbox\u003c/strong\u003e · \u003cstrong\u003e44 PII patterns\u003c/strong\u003e · \u003cstrong\u003eMerkle audit trail\u003c/strong\u003e · \u003cstrong\u003eCost kill-switches\u003c/strong\u003e\n  \u003c/p\u003e\n\n  \u003ca href=\"https://pypi.org/project/akios/\"\u003e\u003cimg src=\"https://img.shields.io/pypi/v/akios?color=%2334D058\u0026label=PyPI\" alt=\"PyPI\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://pypi.org/project/akios/\"\u003e\u003cimg src=\"https://img.shields.io/pypi/pyversions/akios?color=%2334D058\" alt=\"Python\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/akios-ai/akios/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/license-GPL--3.0--only-blue\" alt=\"License\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/akios-ai/akios\"\u003e\u003cimg src=\"https://img.shields.io/badge/platform-Linux%20%7C%20macOS%20%7C%20Windows-lightgrey\" alt=\"Platform\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/akios-ai/akios/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/akios-ai/akios?style=social\" alt=\"Stars\"\u003e\u003c/a\u003e\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n**AKIOS wraps any AI agent in a hardened security cage** — kernel-level process isolation,\u003cbr\u003e\nreal-time PII redaction, cryptographic Merkle audit trails, and automatic cost kill-switches —\u003cbr\u003e\nso you can deploy AI workflows in regulated environments without building security from scratch.\n\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[Quick Start](#-quick-start) · [Architecture](#-architecture) · [Features](#-key-features) · [Documentation](#-documentation) · [Contributing](#-contributing)\n\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n## 🏗️ Architecture\n\n\u003e Every workflow step passes through five security layers before anything touches the outside world.\n\n```\n              ┌────────────────────────────────────┐\n              │        Untrusted AI Agents         │\n              │        LLMs, Code, Plugins         │\n              └──────────────────┬─────────────────┘\n                                 │\n                                 ▼\n╔════════════════════════════════════════════════════════════════╗\n║                     AKIOS SECURITY RUNTIME                     ║\n║                                                                ║\n║  ┌──────────────────────────────────────────────────────────┐  ║\n║  │ 1. Policy Engine    allowlist verification               │  ║\n║  │ 2. Kernel Sandbox   seccomp-bpf + cgroups v2             │  ║\n║  │ 3. PII Redaction    44 patterns, 6 categories            │  ║\n║  │ 4. Budget Control   cost kill-switches, token limits     │  ║\n║  │ 5. Audit Ledger     Merkle tree, SHA-256, JSONL          │  ║\n║  └──────────────────────────────────────────────────────────┘  ║\n║                                                                ║\n╚════════════════════════════════╤═══════════════════════════════╝\n                                 │\n                                 ▼\n              ┌────────────────────────────────────┐\n              │      Protected Infrastructure      │\n              │       APIs, Databases, Cloud       │\n              └────────────────────────────────────┘\n```\n\n## 🚀 Quick Start\n\n```bash\npip install akios\nakios init my-project \u0026\u0026 cd my-project\nakios setup                              # Configure LLM provider (interactive)\nakios run templates/hello-workflow.yml    # Run inside the security cage\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003e📦 Docker (all platforms — macOS, Linux, Windows)\u003c/b\u003e\u003c/summary\u003e\n\n```bash\ncurl -O https://raw.githubusercontent.com/akios-ai/akios/main/src/akios/cli/data/wrapper.sh\nmv wrapper.sh akios \u0026\u0026 chmod +x akios\n./akios init my-project \u0026\u0026 cd my-project\n./akios run templates/hello-workflow.yml\n```\n\u003c/details\u003e\n\n### What happens when you run a workflow\n\n```\n$ akios run workflow.yml\n\n╔══════════════════════════════════════════════════════════╗\n║                   AKIOS Security Cage                    ║\n╠══════════════════════════════════════════════════════════╣\n║  🔒 Sandbox:   ACTIVE (seccomp-bpf + cgroups v2)        ║\n║  🚫 PII Scan:  44 patterns loaded                       ║\n║  💰 Budget:    $1.00 limit ($0.00 used)                  ║\n║  📋 Audit:     Merkle chain initialized                  ║\n╚══════════════════════════════════════════════════════════╝\n\n  ▶ Step 1/3: read-document ─────────────────────────────\n    Agent: filesystem │ Action: read\n    ✓ PII redacted: 3 patterns found (SSN, email, phone)\n    ✓ Audit event #1 logged\n\n  ▶ Step 2/3: analyze-with-ai ───────────────────────────\n    Agent: llm │ Model: gpt-4o │ Tokens: 847\n    ✓ Prompt scrubbed before API call\n    ✓ Cost: $0.003 of $1.00 budget\n    ✓ Audit event #2 logged\n\n  ▶ Step 3/3: save-results ─────────────────────────────\n    Agent: filesystem │ Action: write\n    ✓ Output saved to data/output/run_20250211_143052/\n    ✓ Audit event #3 logged\n\n══════════════════════════════════════════════════════════\n  ✅ Workflow complete │ 3 steps │ $0.003 │ 0 PII leaked\n══════════════════════════════════════════════════════════\n```\n\n## 🎯 Why AKIOS?\n\nAI agents can **leak PII** to LLM providers, **run up massive bills**, execute **dangerous code**, and leave **no audit trail**. Every team building with LLMs faces this security engineering burden.\n\nAKIOS provides **compliance-by-construction** — security guarantees that are architectural, not bolted on:\n\n| | Without AKIOS | With AKIOS |\n|:---:|:---|:---|\n| 🚫 | PII leaks to LLM providers | **Automatic redaction** before any API call |\n| 💸 | Runaway API costs | **Hard budget limits** with kill-switches |\n| 📋 | No audit trail for compliance | **Cryptographic Merkle-chained** logs |\n| 🔓 | Manual security reviews | **Kernel-enforced** process isolation |\n| 🤞 | Hope-based security | **Proof-based** security |\n\n## 🛡️ Key Features\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"50%\"\u003e\n\n### 🔒 Kernel-Hard Sandbox\nseccomp-bpf syscall filtering + cgroups v2 resource isolation on native Linux. Policy-based isolation on Docker (all platforms).\n\n### 🚫 PII Redaction Engine\n44 detection patterns across 6 categories: personal, financial, health, digital, communication, location. Covers SSN, credit cards, emails, phones, addresses, API keys, and more. Redaction happens **before** data reaches any LLM.\n\n### 📋 Merkle Audit Trail\nEvery action is cryptographically chained. Tamper-evident JSONL logs with SHA-256 proofs. Export to JSON for compliance reporting.\n\n\u003c/td\u003e\n\u003ctd width=\"50%\"\u003e\n\n### 💰 Cost Kill-Switches\nHard budget limits ($1 default) with automatic workflow termination. Token tracking across all providers. Real-time `akios status --budget` dashboard.\n\n### 🤖 Multi-Provider LLM Support\nOpenAI, Anthropic, Grok (xAI), Mistral, Gemini, AWS Bedrock, Ollama — swap providers in one line of config. All calls are sandboxed, audited, and budget-tracked.\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n## 📝 Workflow Schema\n\nAKIOS orchestrates YAML-defined workflows through **6 secure agents** — each running inside the security cage:\n\n```yaml\n# workflow.yml — every step runs inside the cage\nname: \"document-analysis\"\nsteps:\n  - name: \"read-document\"\n    agent: filesystem           # 📁 Path-whitelisted file access\n    action: read\n    parameters:\n      path: \"data/input/report.pdf\"\n\n  - name: \"analyze-with-ai\"\n    agent: llm                  # 🤖 Token-tracked, PII-scrubbed\n    action: complete\n    parameters:\n      prompt: \"Summarize this document: {previous_output}\"\n      model: \"gpt-4o\"\n      max_tokens: 500\n\n  - name: \"notify-team\"\n    agent: http                 # 🌐 Domain-whitelisted, rate-limited\n    action: post\n    parameters:\n      url: \"https://api.example.com/webhook\"\n      json:\n        summary: \"{previous_output}\"\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003e🔍 Preview what the LLM actually sees (after PII redaction)\u003c/b\u003e\u003c/summary\u003e\n\n```bash\n$ akios protect show-prompt workflow.yml\n\nInterpolated prompt (redacted):\n  \"Summarize this document: The patient [NAME_REDACTED] with\n   SSN [SSN_REDACTED] was seen at [ADDRESS_REDACTED]...\"\n\n# 3 PII patterns redacted before reaching OpenAI\n```\n\u003c/details\u003e\n\n## 🔐 Security Levels\n\n| Environment | Isolation | PII | Audit | Budget | Best For |\n|:---|:---|:---:|:---:|:---:|:---|\n| **Native Linux** | seccomp-bpf + cgroups v2 | ✅ | ✅ | ✅ | Production, maximum guarantees |\n| **Docker** (all platforms) | Container + policy-based | ✅ | ✅ | ✅ | Development, cross-platform |\n\n\u003e **Native Linux** provides kernel-level guarantees where dangerous syscalls are physically blocked. **Docker** provides strong, reliable security across macOS, Linux, and Windows.\n\n## ⌨️ CLI Reference\n\n\u003ctable\u003e\n\u003ctr\u003e\u003cth\u003eCommand\u003c/th\u003e\u003cth\u003eDescription\u003c/th\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios init my-project\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eCreate secure workspace with templates\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios setup\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eConfigure LLM provider (interactive)\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios run workflow.yml\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eExecute workflow inside security cage\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios workflow validate w.yml\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eValidate workflow YAML against schema\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios status\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eSecurity \u0026 budget dashboard\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios status --budget\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eCost tracking breakdown per workflow\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios cage up / down\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eActivate / destroy cage + all data\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios cage up --no-pii --no-audit\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eAblation mode (benchmarking)\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios cage down --passes N\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eSecure overwrite with N passes\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios protect scan file.txt\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eScan file for PII patterns\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios protect show-prompt w.yml\u003c/code\u003e\u003c/td\u003e\u003ctd\u003ePreview what the LLM sees (redacted)\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios audit verify\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eVerify Merkle chain integrity\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios audit stats\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eAudit ledger statistics (event count, Merkle root)\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios audit rotate\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eRotate audit log with Merkle chain linkage\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios audit export --format json\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eExport audit logs for compliance\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios audit migrate --backend sqlite\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eMigrate audit logs to SQLite/PostgreSQL\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios audit prune --days N\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eEnforce audit retention policy\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios run --report\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eGenerate HTML security posture report\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios serve\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eStart REST API server (FastAPI)\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios doctor\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eSystem health check\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios templates list\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eBrowse industry workflow templates\u003c/td\u003e\u003c/tr\u003e\n\u003ctr\u003e\u003ctd\u003e\u003ccode\u003eakios http GET https://...\u003c/code\u003e\u003c/td\u003e\u003ctd\u003eSecure HTTP request via agent\u003c/td\u003e\u003c/tr\u003e\n\u003c/table\u003e\n\n## ⚡ Performance\n\n\u003e Measured on AWS EC2 **t4g.micro** (ARM64, 1 GB RAM) — the smallest instance available.\n\n| Operation | Latency | Notes |\n|:---|:---:|:---|\n| Full security pipeline | **0.47 ms** | PII + policy + audit + budget |\n| PII scan (44 patterns) | 0.46 ms | All 6 categories |\n| SHA-256 Merkle hash | 0.001 ms | Per audit event |\n| CLI cold start (Docker) | ~1.4 s | One-time startup |\n\n**Sub-millisecond overhead** means security adds virtually zero cost to your workflows.\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003e📊 Reproducibility \u0026 methodology\u003c/b\u003e\u003c/summary\u003e\n\nAll benchmarks are reproducible. See [EC2 Performance Testing](docs/ec2-performance-testing.md) for the full methodology, validation procedures, and instructions to run on your own infrastructure.\n\n\u003c/details\u003e\n\n## 📚 Documentation\n\n| | Guide | Description |\n|:---:|:---|:---|\n| 🚀 | [Getting Started](GETTING_STARTED.md) | 3-minute setup guide |\n| ⌨️ | [CLI Reference](docs/cli-reference.md) | All commands and flags |\n| ⚙️ | [Configuration](docs/configuration.md) | Settings, `.env`, `config.yaml` |\n| 🔒 | [Security](docs/security.md) | Architecture and threat model |\n| 🤖 | [Agents](AGENTS.md) | Filesystem, HTTP, LLM, Tool Executor, Webhook, Database |\n| 🐳 | [Deployment](docs/deployment.md) | Docker, native Linux, EC2 |\n| 🔧 | [Troubleshooting](TROUBLESHOOTING.md) | Common issues and fixes |\n| 📝 | [Changelog](CHANGELOG.md) | Release history |\n\n## 🏛️ Project Structure\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eClick to expand source tree\u003c/b\u003e\u003c/summary\u003e\n\n```\nsrc/akios/\n├── cli/                        # 21 CLI commands (argparse)\n│   └── commands/               # audit, compliance, doctor, http, protect, run, ...\n├── config/                     # YAML + .env configuration, themes, detection\n├── core/\n│   ├── analytics/              # Cost tracking (cost_tracker.py)\n│   ├── audit/                  # Merkle-chained JSONL ledger\n│   │   └── merkle/             # SHA-256 Merkle tree (tree.py, node.py)\n│   ├── compliance/             # Security posture scoring\n│   ├── runtime/\n│   │   ├── agents/             # LLM, HTTP, Filesystem, ToolExecutor, Webhook, Database\n│   │   ├── engine/             # Workflow orchestrator + kill switches\n│   │   ├── llm_providers/      # OpenAI, Anthropic, Grok, Mistral, Gemini, Bedrock, Ollama\n│   │   └── workflow/           # YAML parser + validator\n│   └── ui/                     # Rich terminal output, PII display, colors\n└── security/\n    ├── pii/                    # 44 regex patterns, 6 categories (detector, redactor, rules)\n    ├── sandbox/                # cgroups v2 resource isolation (manager, quotas)\n    ├── syscall/                # seccomp-bpf policy + interceptor\n    └── validation.py           # Runtime security validation\n```\n\n\u003c/details\u003e\n\n## 🔬 Research\n\nAKIOS introduces **compliance-by-construction** — the idea that security guarantees should be architectural properties of the runtime, not features that can be misconfigured or bypassed.\n\n\u003e Our NeurIPS 2026 submission formalizes this paradigm. Preprint coming soon on arXiv.\n\n## 🤝 Contributing\n\nWe welcome contributions! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n```bash\ngit clone https://github.com/akios-ai/akios.git\ncd akios\nmake build    # Build Docker image\nmake test     # Run test suite\n```\n\nGood first issues are tagged with [`good first issue`](https://github.com/akios-ai/akios/labels/good%20first%20issue).\n\n## 💬 Community\n\n- 📖 [Documentation](docs/README.md)\n- 💬 [GitHub Discussions](https://github.com/akios-ai/akios/discussions)\n- 🐛 [Issue Tracker](https://github.com/akios-ai/akios/issues)\n- 🔒 Security issues → [security@akioud.ai](mailto:security@akioud.ai) (private disclosure)\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003e⚖️ Legal \u0026 Disclaimers\u003c/b\u003e\u003c/summary\u003e\n\n\u003e **EU AI Act:** AKIOS is not designed for \"high-risk\" use cases under the EU AI Act. For such deployments, consult a compliance expert and implement additional regulatory controls on top of AKIOS.\n\n**AKIOS is provided \"AS IS\" without warranty of any kind.** By using AKIOS you acknowledge:\n\n- **You are responsible for** your own API keys, cloud costs (AWS/GCP/Azure), IAM configurations, credential management, and infrastructure security. AKIOS cost kill-switches cover LLM API spend only — not compute, storage, or data transfer.\n- **Docker mode** provides strong policy-based security but does **not** enforce host filesystem permissions or kernel-level seccomp-bpf isolation. For maximum security, use native Linux with sudo.\n- **Performance varies** by instance type, region, load, and configuration. Published benchmarks are measured on AWS EC2 t4g.micro (ARM64) in us-east-1 and may not match your environment.\n- **PII redaction** uses regex pattern matching (44 patterns, \u003e95% accuracy) — it is not a substitute for professional data governance. Review output before sharing with external parties.\n- **Audit logs** in Docker may lose up to ~100 events if the container is forcefully killed (SIGKILL) during a flush window. Use native Linux for zero-loss audit durability.\n\nAKIOS is **not responsible** for: cloud infrastructure charges, credential leaks, data breaches from misconfigured deployments, performance on untested platforms, or regulatory compliance decisions. See [LEGAL.md](LEGAL.md) and [SECURITY.md](SECURITY.md) for full details.\n\n\u003c/details\u003e\n\n## 🏢 Need More?\n\nAKIOS covers 44 PII patterns, 6 agents, and full audit logging for most compliance workflows. If your organization needs **extended PII coverage** (50+ patterns including jurisdiction-specific identifiers), **governance dashboards**, or **dedicated support**, visit [akioud.ai](https://akioud.ai) to learn about our commercial offerings.\n\n## 🔗 Related Projects\n\n**[EnforceCore](https://github.com/akios-ai/EnforceCore)** — The open-source enforcement library (Apache-2.0) for AI agents. EnforceCore provides general-purpose policy enforcement, PII redaction, and audit trails for any agent framework. AKIOS is the complete production runtime built on top of it, adding kernel-level sandboxing, comprehensive PII redaction, workflow orchestration, and compliance reporting.\n\n## 📄 License\n\nAKIOS is licensed under [GPL-3.0-only](LICENSE).\nSee [NOTICE](NOTICE), [LEGAL.md](LEGAL.md), and [THIRD_PARTY_LICENSES.md](THIRD_PARTY_LICENSES.md).\n\n---\n\n\u003cdiv align=\"center\"\u003e\n  \u003cstrong\u003eRun AI agents safely — anywhere.\u003c/strong\u003e\n  \u003cbr\u003e\u003cbr\u003e\n  \u003ca href=\"GETTING_STARTED.md\"\u003eGet Started\u003c/a\u003e · \u003ca href=\"docs/cli-reference.md\"\u003eCLI Reference\u003c/a\u003e · \u003ca href=\"AGENTS.md\"\u003eAgents\u003c/a\u003e · \u003ca href=\"CHANGELOG.md\"\u003eChangelog\u003c/a\u003e\n  \u003cbr\u003e\u003cbr\u003e\n  \u003csub\u003eBuilt by \u003ca href=\"https://github.com/akios-ai\"\u003eakios-ai\u003c/a\u003e · Licensed under \u003ca href=\"LICENSE\"\u003eGPL-3.0-only\u003c/a\u003e\u003c/sub\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fakios-ai%2Fakios","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fakios-ai%2Fakios","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fakios-ai%2Fakios/lists"}