{"id":30064937,"url":"https://github.com/ghostlock-ai/capsule","last_synced_at":"2026-04-29T14:36:17.478Z","repository":{"id":293329155,"uuid":"975149719","full_name":"Ghostlock-AI/capsule","owner":"Ghostlock-AI","description":"Agent Security Runtime","archived":false,"fork":false,"pushed_at":"2025-07-30T16:30:25.000Z","size":4198,"stargazers_count":10,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-30T18:55:11.362Z","etag":null,"topics":["agent","audit","langchain","linux","linux-kernel","runtime","rust","seccomp","seccomp-bpf","seccomp-profile","security-tools"],"latest_commit_sha":null,"homepage":"https://capsuledesu.com","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Ghostlock-AI.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-29T21:34:15.000Z","updated_at":"2025-07-30T11:56:59.000Z","dependencies_parsed_at":"2025-05-14T20:26:22.142Z","dependency_job_id":"588aae63-586f-492a-98a4-f875f705e99c","html_url":"https://github.com/Ghostlock-AI/capsule","commit_stats":null,"previous_names":["light-magician/capsule","ghostlock-ai/capsule"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Ghostlock-AI/capsule","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ghostlock-AI%2Fcapsule","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ghostlock-AI%2Fcapsule/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ghostlock-AI%2Fcapsule/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ghostlock-AI%2Fcapsule/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Ghostlock-AI","download_url":"https://codeload.github.com/Ghostlock-AI/capsule/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ghostlock-AI%2Fcapsule/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269367401,"owners_count":24405385,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-08T02:00:09.200Z","response_time":72,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent","audit","langchain","linux","linux-kernel","runtime","rust","seccomp","seccomp-bpf","seccomp-profile","security-tools"],"created_at":"2025-08-08T05:24:26.352Z","updated_at":"2026-04-29T14:36:17.472Z","avatar_url":"https://github.com/Ghostlock-AI.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003eCapsule\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"capsule.gif\" width=\"600\"\u003e\n\u003c/p\u003e\n\n---\n\n## TL;DR\n\nCapsule watches agent behavior from the kernel (eBPF/LSM), enriches events into human-readable timelines, and lays the groundwork for dynamic, policy-driven security backed by small ML models. It’s **pre-alpha**, **Linux aarch64 only** right now, written in **Rust**.\n\n## License\n\nThis project is licensed under the MIT License.\n\n---\n\n## Why we are building Capsule\n\nCapsule is a permanently open-source kernel-level tracing and sandboxing project.\u2028It will never be closed, dual-licensed, or converted into a proprietary core.\n\nHere at Ghostlock, we are building Capsule because application-level observability and enforcement no longer hold up in a world of autonomous agents. User-mode hooks are easy to bypass, and existing tools cannot reliably explain what code actually did once it runs.\n\nAs software shifts toward autonomous agents—systems that write code, spawn processes, and make decisions with minimal supervision—the human role moves from approving outputs to understanding and constraining behavior.\n\nKernel-level tracing provides a stronger foundation. By observing execution below the application layer, it becomes possible to produce durable, verifiable records of behavior that software cannot evade. Today, however, these tools remain fragmented, hard to use, and accessible only to specialists.\n\nCapsule exists to make kernel-level tracing practical:\n\t\n\t•\tsimple enough to experiment with,\n\n\t•\texplicit enough to reason about, and\n\t\n\t•\topen enough to trust long-term.\n\nIf you work on kernels, runtimes, security, or systems tooling—and care about making autonomous software observable and accountable—we welcome your contributions!\n\n---\n\n## What Capsule observes\n\n| Area                 | In plain terms                                              |\n| -------------------- | ----------------------------------------------------------- |\n| Process execution    | When programs start, fork, or become backgroud processes    |\n| Network              | All network communication—who talks to whom.                |\n| File I/O             | Read/write/create/delete/move files and folders.            |\n| Credentials          | Changes to identity (UID/GID/capabilities).                 |\n| Memory / code        | Risky mappings (e.g., W+X), code loading.                   |\n| IPC orchestration    | Local process-to-process comms (pipes, UNIX sockets, etc.). |\n| Device access        | Access to `/dev/*` (KVM, tun/tap, GPU, disks, USB/TTY).     |\n| System configuration | Mounts, chroot/pivot_root, persistence paths.               |\n| Containers \u0026 cgroups | Enter/leave namespaces; resource limits and cgroup changes. |\n| Signals              | Software interrupts (SIGKILL, SIGTERM, etc.).               |\n\n---\n\n## Architecture\n\n- **Kernel Probes**: eBPF kprobes/tracepoints/LSM hooks (Linux) capture syscall-level and semantic events.\n- **Userspace Daemon**: stream ingestion, async enrichment of syscalls for better readability.\n- **Policy/ML Layer**: deterministic rules + sequence/graph model that categorizes prompt, syscall sequence, and resource utilization combinations as risky or harmless.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fghostlock-ai%2Fcapsule","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fghostlock-ai%2Fcapsule","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fghostlock-ai%2Fcapsule/lists"}