{"id":47628742,"url":"https://github.com/algorismo-au/lanekeep","last_synced_at":"2026-04-07T16:02:19.278Z","repository":{"id":346094442,"uuid":"1188511517","full_name":"algorismo-au/lanekeep","owner":"algorismo-au","description":"Governance guardrails and insights for AI coding agents","archived":false,"fork":false,"pushed_at":"2026-04-01T11:18:31.000Z","size":4783,"stargazers_count":11,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-02T07:09:12.430Z","etag":null,"topics":["agentic-coding","ai-agents","ai-governance","ai-safety","bash","budgets","claude-code","cli","compliance","devsecops","devtools","governance","guardrails","observability","pii-detection","prompt-injection","security"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/algorismo-au.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-22T07:14:41.000Z","updated_at":"2026-04-01T11:18:34.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/algorismo-au/lanekeep","commit_stats":null,"previous_names":["algorismo-au/lanekeep"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/algorismo-au/lanekeep","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/algorismo-au%2Flanekeep","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitH
ub/repositories/algorismo-au%2Flanekeep/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/algorismo-au%2Flanekeep/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/algorismo-au%2Flanekeep/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/algorismo-au","download_url":"https://codeload.github.com/algorismo-au/lanekeep/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/algorismo-au%2Flanekeep/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31518643,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T03:10:19.677Z","status":"ssl_error","status_checked_at":"2026-04-07T03:10:13.982Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agentic-coding","ai-agents","ai-governance","ai-safety","bash","budgets","claude-code","cli","compliance","devsecops","devtools","governance","guardrails","observability","pii-detection","prompt-injection","security"],"created_at":"2026-04-01T23:03:35.584Z","updated_at":"2026-04-07T16:02:19.246Z","avatar_url":"https://github.com/algorismo-au.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource 
media=\"(prefers-color-scheme: dark)\" srcset=\"images/lanekeep-logo-mark.svg\" /\u003e\n    \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"images/lanekeep-logo-mark-light.svg\" /\u003e\n    \u003cimg src=\"images/lanekeep-logo-mark-light.svg\" alt=\"LaneKeep\" width=\"120\" /\u003e\n  \u003c/picture\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-Apache_2.0-blue.svg\" alt=\"License: Apache 2.0\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/algorismo-au/lanekeep/actions/workflows/test.yml\"\u003e\u003cimg src=\"https://github.com/algorismo-au/lanekeep/actions/workflows/test.yml/badge.svg\" alt=\"Tests\" /\u003e\u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/badge/version-1.0.4-green.svg\" alt=\"Version: 1.0.4\" /\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Made_with-Bash-1f425f.svg?logo=gnubash\u0026logoColor=white\" alt=\"Made with Bash\" /\u003e\n  \u003cimg src=\"https://img.shields.io/badge/platform-Linux_·_macOS-informational.svg\" alt=\"Platform: Linux · macOS\" /\u003e\n  \u003cimg src=\"https://img.shields.io/badge/network_calls-zero-brightgreen.svg\" alt=\"Zero Network Calls\" /\u003e\n\u003c/p\u003e\n\n# LaneKeep\n\nLaneKeep allows your AI coding agent to run within boundaries that you control.\n\n**No data leaves your machine.**\n\n**Every policy and rule is controlled by you.**\n\n- **Live dashboard** — every decision logged locally\n- **Budget limits** — usage patterns, cost caps, token and action limits\n- **Full audit trail** — every tool call logged with matched rule and reason\n- **Defense in depth** — extendable policy layers: 9+ deterministic evaluators and an optional semantic layer (another LLM) as an evaluator; PII detection, config integrity checks, and injection detection\n- **Agent memory/knowledge view** — see what your agent sees\n- **Coverage and alignment** — built-in compliance tags (NIST, OWASP, 
CWE, ATT\u0026CK); add your own\n\nClaude Code CLI, other platforms coming soon.\n\nFor more details see [Configuration](#configuration).\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_home.png\" alt=\"LaneKeep Dashboard\" width=\"749\" /\u003e\n\u003c/p\u003e\n\n## Quick Start\n\n### Prerequisites\n\n| Dependency | Required | Notes |\n|------------|----------|-------|\n| **bash** \u003e= 4 | yes | Core runtime |\n| **jq** | yes | JSON processing |\n| **socat** | for sidecar mode | Not needed for hook-only mode |\n| **Python 3** | optional | Web dashboard (`lanekeep ui`) |\n\n```bash\nsudo apt install jq socat        # Debian/Ubuntu\nbrew install bash jq socat       # macOS (bash 4+ required)\n```\n\n### Install\n\n```bash\ngit clone https://github.com/algorismo-au/lanekeep.git\ncd lanekeep\n```\n\nAdd `bin/` to your PATH permanently:\n\n```bash\nbash scripts/add-to-path.sh\n```\n\nDetects your shell and writes to your rc file. Idempotent.\n\nOr for the current session only:\n\n```bash\nexport PATH=\"$PWD/bin:$PATH\"\n```\n\nNo build step. Pure Bash.\n\n### 1. Try the demo\n\n```bash\nlanekeep demo\n```\n\n```\n  DENIED  rm -rf /              Recursive force delete\n  DENIED  DROP TABLE users      SQL destruction\n  DENIED  git push --force      Dangerous git operation\n  ALLOWED ls -la                Safe directory listing\n  Results: 4 denied, 2 allowed\n```\n\n### 2. Install in your project\n\n```bash\ncd /path/to/your/project\nlanekeep init .\n```\n\nCreates `lanekeep.json`, `.lanekeep/traces/`, and installs hooks in `.claude/settings.local.json`.\n\n### 3. Start LaneKeep\n\n```bash\nlanekeep start       # sidecar + web dashboard\nlanekeep serve       # sidecar only\n# or skip both — hooks evaluate inline (slower, no background process)\n```\n\n### 4. Use your agent normally\n\nDenied actions show a reason. Allowed actions proceed silently. 
View decisions in the **[dashboard](#dashboard)** (`lanekeep ui`) or from the terminal with `lanekeep trace` / `lanekeep trace --follow`.\n\n| | |\n|:---:|:---:|\n| \u003cimg src=\"images/readme/lanekeep_in_action4.png\" alt=\"Git rebase — needs approval\" width=\"486\" /\u003e | \u003cimg src=\"images/readme/lanekeep_in_action7.png\" alt=\"Database destroy — denied\" width=\"486\" /\u003e |\n| \u003cimg src=\"images/readme/lanekeep_in_action8.png\" alt=\"Netcat — needs approval\" width=\"486\" /\u003e | \u003cimg src=\"images/readme/lanekeep_in_action12.png\" alt=\"git push --force — hard-blocked\" width=\"486\" /\u003e |\n| \u003cimg src=\"images/readme/lanekeep_in_action13.png\" alt=\"chmod 777 — hard-blocked\" width=\"486\" /\u003e | \u003cimg src=\"images/readme/lanekeep_in_action15.png\" alt=\"TLS bypass — needs approval\" width=\"486\" /\u003e |\n\n---\n\n## Managing LaneKeep\n\n### Enable \u0026 Disable\n\n`lanekeep init` registers hooks automatically, but you can manage hook registration independently:\n\n```bash\nlanekeep enable          # Register hooks in Claude Code settings\nlanekeep disable         # Remove hooks from Claude Code settings\nlanekeep status          # Check if LaneKeep is active and show governance state\n```\n\n**Restart Claude Code after `enable` or `disable` for changes to take effect.**\n\n`enable` writes three hooks (PreToolUse, PostToolUse, Stop) into your Claude Code\nsettings file — project-local `.claude/settings.local.json` if it exists, otherwise\n`~/.claude/settings.json`. `disable` removes them cleanly.\n\n### Start \u0026 Stop\n\nHooks alone work — every tool call is evaluated inline. 
The sidecar adds a\npersistent background process for faster evaluation and the web dashboard:\n\n```bash\nlanekeep start           # Sidecar + web dashboard (recommended)\nlanekeep serve           # Sidecar only (no dashboard)\nlanekeep stop            # Shut down sidecar and dashboard\nlanekeep status          # Check running state\n```\n\n### Temporarily Disabling LaneKeep\n\nThere are two levels of \"disable\":\n\n| Scope | Command | What it does |\n|-------|---------|-------------|\n| **Entire system** | `lanekeep disable` | Removes all hooks — no evaluation happens. Restart Claude Code. |\n| **One policy** | `lanekeep policy disable \u003ccategory\u003e --reason \"...\"` | Disables a single policy category (e.g. `governance_paths`) while everything else stays enforced. |\n\nTo pause a single policy and re-enable it:\n\n```bash\nlanekeep policy disable governance_paths --reason \"Updating CLAUDE.md\"\n# ... make changes ...\nlanekeep policy enable governance_paths\n```\n\nTo disable LaneKeep entirely and bring it back:\n\n```bash\nlanekeep disable         # Remove hooks — restart Claude Code\n# ... 
work without governance ...\nlanekeep enable          # Re-register hooks — restart Claude Code\n```\n\n---\n\n## What Gets Blocked\n\nSee [Configuration](#configuration) to override, extend, or disable anything.\n\n| Category | Examples | Decision |\n|----------|----------|----------|\n| Destructive ops | `rm -rf`, `DROP TABLE`, `truncate`, `mkfs` | deny |\n| IaC / cloud | `terraform destroy`, `aws s3 rm`, `helm uninstall` | deny |\n| Dangerous git | `git push --force`, `git reset --hard` | deny |\n| Secrets in code | AWS keys, API keys, private keys | deny |\n| Governance files | `claude.md`, `.claude/`, `lanekeep.json`, `.lanekeep/`, `plugins.d/` | deny |\n| Self-protection | `kill lanekeep-serve`, `export LANEKEEP_FAIL_POLICY` | deny |\n| Network commands | `curl`, `wget`, `ssh` | ask |\n| Package installs | `npm install`, `pip install` | ask |\n\n### Self-Protection\n\nLaneKeep protects itself and the agent's own governance files from modification\nby the agent it governs. Without this, a compromised or prompt-injected agent\ncould disable enforcement, tamper with audit logs, or bypass budget limits.\n\n| Path | What it protects |\n|------|-----------------|\n| `claude.md`, `.claude/` | Claude Code instructions, settings, hooks, memory |\n| `lanekeep.json`, `.lanekeep/` | LaneKeep config, rules, traces, runtime state |\n| `lanekeep/bin/`, `lib/`, `hooks/` | LaneKeep source code |\n| `plugins.d/` | Plugin evaluators |\n\n**Writes** are blocked by the `governance_paths` policy (Write/Edit tools).\n**Reads** of the active configuration (`lanekeep.json`, `.lanekeep/` state files)\nare blocked by rules `sec-039` and `sec-040` — exposing the ruleset would let\nthe agent reverse-engineer match patterns and craft evasions. LaneKeep source\ncode (`bin/`, `lib/`) remains readable — the engine itself is open to inspection, but the\nactive configuration is opaque to the governed agent. 
See [REFERENCE.md](REFERENCE.md#self-protection-governance_paths--rules) for details.\n\n---\n\n## How It Works\n\nLaneKeep hooks into the [PreToolUse hook](https://docs.anthropic.com/en/docs/claude-code/hooks) and runs every tool call through a tiered pipeline before the call executes. The first deny stops the pipeline.\n\n| Tier | Evaluator | What it checks |\n|------|-----------|----------------|\n| 0 | Config Integrity | Config hash unchanged since startup |\n| 0.5 | Schema | Tool against TaskSpec allowlist/denylist |\n| 1 | Hardblock | Fast substring match — always runs |\n| 2 | Rules Engine | Policies, first-match-wins rules |\n| 3 | Hidden Text | CSS/ANSI injection, zero-width chars |\n| 4 | Input PII | PII in tool input (SSNs, credit cards) |\n| 5 | Budget | Action count, token tracking, cost limits, wall-clock time |\n| 6 | Plugins | Custom evaluators (subshell isolated) |\n| 7 | Semantic | LLM intent check — goal misalignment, spirit-of-task violations, disguised exfiltration (opt-in) |\n| Post | ResultTransform | Secrets/injection in output |\n\nThe Semantic evaluator reads the task goal from TaskSpec — set it with\n`lanekeep serve --spec DESIGN.md` or write `.lanekeep/taskspec.json` directly.\nSee [REFERENCE.md](REFERENCE.md#budget--taskspec) for details.\n\nSee [CLAUDE.md](CLAUDE.md) for detailed tier descriptions and data flow.\n\n## Core Concepts\n\n| Term | What it is |\n|------|------------|\n| **Event** | A raw tool call occurrence — one record per hook fire (`PreToolUse` or `PostToolUse`). `total_events` always increments regardless of outcome. |\n| **Evaluation** | An individual check within the pipeline. Each evaluator module (`eval-hardblock.sh`, `eval-rules.sh`, `eval-budget.sh`, etc.) independently examines the event and sets `EVAL_PASSED`/`EVAL_REASON`. A single event triggers many evaluations; results are recorded in the trace `evaluators[]` array with `name`, `tier`, and `passed`. 
|\n| **Decision** | The final pipeline verdict: `allow`, `deny`, `warn`, or `ask`. Stored in the `decision` field of each trace entry and counted in `decisions.deny / warn / ask / allow` in cumulative metrics. |\n| **Action** | An event where the tool actually ran (`allow` or `warn`). Denied and pending-ask calls don't count. `action_count` is what `budget.max_actions` measures — when it hits the cap, the budget evaluator starts blocking. |\n\n```\nEvent (raw hook call)\n  └── Evaluations (N checks run against it)\n        └── Decision (single verdict: allow/deny/warn/ask)\n              └── Action (only if tool actually ran — counts against max_actions)\n```\n\n---\n\n## Configuration\n\nEverything is configurable — built-in defaults, user-defined rules, and\ncommunity-sourced packs all merge into a single policy. Override any default,\nadd your own rules, or disable what you don't need.\n\nConfig resolves: `$PROJECT_DIR/lanekeep.json` -\u003e `$LANEKEEP_DIR/defaults/lanekeep.json`.\nConfig is hash-checked at startup — mid-session modifications deny all calls.\n\n### Policies\n\nEvaluated before rules. 20 built-in categories — each with dedicated extraction\nlogic (e.g. `domains` parses URLs, `branches` extracts git branch names).\nCategories: `tools`, `extensions`, `paths`, `commands`, `domains`,\n`mcp_servers`, and more. Toggle with `lanekeep policy` or from the **Governance** tab in the dashboard.\n\n**Policies vs Rules:** Policies are structured, typed controls for predefined\ncategories. Rules are the flexible catch-all — they match any tool name + any\nregex pattern against the full tool input. If your use case doesn't fit a policy\ncategory, write a rule instead.\n\nTo temporarily disable a policy (e.g. to update `CLAUDE.md`):\n\n```bash\nlanekeep policy disable governance_paths --reason \"Updating CLAUDE.md\"\n# ... make changes ...\nlanekeep policy enable governance_paths\n```\n\n### Rules\n\nOrdered first-match-wins table. No match = allow. 
Match fields use AND logic.\n\n```json\n[\n  {\"match\": {\"command\": \"rm\", \"target\": \"node_modules\"}, \"decision\": \"allow\"},\n  {\"match\": {\"command\": \"rm -rf\"},                        \"decision\": \"deny\"}\n]\n```\n\nYou don't need to copy the full defaults. Use `\"extends\": \"defaults\"` and add your rules:\n\n```json\n{\n  \"extends\": \"defaults\",\n  \"extra_rules\": [\n    {\n      \"id\": \"my-001\",\n      \"match\": { \"command\": \"docker compose down\" },\n      \"decision\": \"deny\",\n      \"reason\": \"Block tearing down the dev stack\"\n    }\n  ]\n}\n```\n\nOr use the CLI:\n\n```bash\nlanekeep rules add --match-command \"docker compose down\" --decision deny --reason \"...\"\n```\n\nRules can also be added, edited, and dry-run in the **Rules** tab of the dashboard — or test from the CLI first:\n\n```bash\nlanekeep rules test \"docker compose down\"\n```\n\n### Updating LaneKeep\n\nWhen you install a new version of LaneKeep, new default rules become active automatically — **your customizations (`extra_rules`, `rule_overrides`, `disabled_rules`) are never touched**.\n\nOn the first sidecar start after an upgrade, you'll see a one-time notice:\n\n```\n[LaneKeep] Updated: v1.2.0 → v1.3.0 — 8 new default rule(s) now active.\n[LaneKeep] Run 'lanekeep rules whatsnew' to review. Your customizations are preserved.\n```\n\nTo see exactly what changed:\n\n```bash\nlanekeep rules whatsnew\n# Shows new/removed rules with IDs, decisions, and reasons\n\nlanekeep rules whatsnew --skip net-019   # Opt out of a specific new rule\nlanekeep rules whatsnew --acknowledge    # Record current state (clears future notices)\n```\n\n\u003e **Using a monolithic config?** (no `\"extends\": \"defaults\"`) New default rules won't be\n\u003e merged automatically. 
Run `lanekeep migrate` to convert to the layered format and keep\n\u003e all your customizations intact.\n\n### Enforcement Profiles\n\n| Profile | Behavior |\n|---------|----------|\n| `strict` | Denies Bash, asks for Write/Edit. 500 actions, 2.5 hours. |\n| `guided` | Asks for `git push`. 2000 actions, 10 hours. **(default)** |\n| `autonomous` | Permissive, budget + trace only. 5000 actions, 20 hours. |\n\nSet via `LANEKEEP_PROFILE` env var or `\"profile\"` in `lanekeep.json`.\n\nSee [REFERENCE.md](REFERENCE.md) for rule fields, policy categories, settings,\nand environment variables.\n\n---\n\n## CLI Reference\n\nSee [REFERENCE.md — CLI Reference](REFERENCE.md#cli-reference) for the full command list.\n\n---\n\n## Dashboard\n\nSee exactly what your agent is doing while it builds — live decisions, token usage, file activity, and audit trail in one place.\n\n### Governance\n\nLive input/output token counters, context window usage %, and budget progress bars. Catch sessions heading off the rails before they burn time and money — set hard caps on actions, tokens, and time that auto-enforce when hit.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_governance.png\" alt=\"LaneKeep Governance — budget and session stats\" width=\"749\" /\u003e\n\u003c/p\u003e\n\n### Insights\n\nLive decision feed, denial trends, per-file activity, latency percentiles, and a decision timeline across your session.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_insights1.png\" alt=\"LaneKeep Insights — trends and top denied\" width=\"749\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_insights2.png\" alt=\"LaneKeep Insights — file activity and latency\" width=\"749\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_insights3.png\" alt=\"LaneKeep Insights — decision timeline\" width=\"749\" /\u003e\n\u003c/p\u003e\n\n### Audit \u0026 
Coverage\n\nOne-click config validation, plus a coverage map linking rules to regulatory frameworks (PCI-DSS, HIPAA, GDPR, NIST SP800-53, SOC2, OWASP, CWE, AU Privacy Act) — with gap highlighting and rule impact analysis.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_audit1.png\" alt=\"LaneKeep Audit — config validation\" width=\"749\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_audit2.png\" alt=\"LaneKeep Coverage — evidence chain\" width=\"749\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_audit3.png\" alt=\"LaneKeep Coverage — rule impact analysis\" width=\"749\" /\u003e\n\u003c/p\u003e\n\n### Files\n\nEvery file your agent reads or writes — with per-file token sizes to see what's eating your context window. Plus operation counts, denial history, and an inline editor.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_files.png\" alt=\"LaneKeep Files — file tree and editor\" width=\"749\" /\u003e\n\u003c/p\u003e\n\n### Settings\n\nConfigure enforcement profiles, toggle policies, and tune budget limits — all from the dashboard. Changes take effect immediately without restarting the sidecar.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_settings1.png\" alt=\"LaneKeep Settings\" width=\"749\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_settings2.png\" alt=\"LaneKeep Settings\" width=\"749\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"images/readme/lanekeep_settings3.png\" alt=\"LaneKeep Settings\" width=\"749\" /\u003e\n\u003c/p\u003e\n\n---\n\n## Security\n\n**LaneKeep runs entirely on your machine. 
No cloud, no telemetry, no account.**\n\n- **Config integrity** — config is hashed at startup; if it is modified mid-session, all calls are denied\n- **Fail-closed** — any evaluation error results in a deny\n- **Immutable TaskSpec** — session contracts can't be changed after startup\n- **Plugin sandboxing** — subshell isolation, no access to LaneKeep internals\n- **Append-only audit** — trace logs can't be altered by the agent\n- **No network dependency** — pure Bash + jq; no supply chain beyond the system tools listed under Prerequisites\n\nSee [SECURITY.md](SECURITY.md) for vulnerability reporting.\n\n---\n\n## Development\n\nSee [CLAUDE.md](CLAUDE.md) for architecture and conventions. Run tests with\n`bats tests/` or `lanekeep selftest`. Cursor adapter included (untested).\n\n---\n\n## License\n\n[Apache License 2.0](LICENSE)\n\n---\n\n## Keywords\n\nAI agent guardrails, AI agent governance, AI coding agent security, agentic AI\nsecurity, vibe coding security, AI agent policy engine, governance sidecar, AI\nagent firewall, AI agent audit trail, AI agent least privilege, AI agent\nsandboxing, prompt injection prevention, MCP security, MCP guardrails, Claude\nCode security, Claude Code guardrails, Claude Code hooks, Cursor guardrails,\nCopilot governance, Aider guardrails, AI agent monitoring, AI agent\nobservability, AI coding assistant safety, policy-as-code, governance-as-code,\nAI agent runtime security, AI agent access control, AI agent permissions, AI\nagent allowlist denylist, OWASP agentic top 10, NIST AI risk management, SOC2\nAI compliance, HIPAA AI compliance, EU AI Act compliance tools, PII detection,\nsecrets detection, AI agent budget limits, token budget enforcement, AI agent\ncost control, shadow AI governance, AI development guardrails, DevSecOps AI, AI\nagent command blocking, AI agent file access control, defense in depth AI, zero\ntrust AI agents, fail-closed security, append-only audit log, deterministic\nguardrails, rule engine AI, compliance automation AI, AI agent behavior\nmonitoring, AI agent risk management, 
open source AI governance, CLI guardrails\ntool, shell-based policy engine, no-cloud AI security, zero network calls, AI\ncoding tool audit log\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n### Interested in building with us?\n\n\u003ctable\u003e\u003ctr\u003e\u003ctd\u003e\n\u003cp align=\"center\"\u003e\n\u003cstrong\u003eWe are looking for ambitious engineers to help us extend the capabilities of LaneKeep.\u003c/strong\u003e\u003cbr/\u003e\nIs this you? \u003cstrong\u003eGet in touch \u0026rarr;\u003c/strong\u003e \u003ca href=\"mailto:info@algorismo.com\"\u003e\u003ccode\u003einfo@algorismo.com\u003c/code\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003c/td\u003e\u003c/tr\u003e\u003c/table\u003e\n\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falgorismo-au%2Flanekeep","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falgorismo-au%2Flanekeep","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falgorismo-au%2Flanekeep/lists"}