Library
agent-shield
The governance layer this agent runs on, extracted as a drop-in library: Cedar policies, append-only audit log, kill-switch, MCP scope check, and circuit breaker behind one wrap() call for any MCP-based agent.
import { shield } from "@sarthak/agent-shield";

const guard = shield({
  policies,   // Cedar policies, evaluated on every tool call
  audit,      // append-only audit sink
  killSwitch, // halts an in-flight run within 1s
  scopeCheck, // MCP scope discovery + step-up auth
  breaker,    // circuit breaker on a cost ceiling
});

// Wrap any workflow step. The five controls run around it; your
// step body stays unchanged.
const governedStep = guard.wrap(step);

One function in, one wrapped step out. The agent in this repo is the reference integration: it passes its real Cedar policies, its Postgres-backed audit sink, and a 0.50 USD circuit breaker into the same call shown here.

pnpm add @sarthak/agent-shield

The five controls
policies
Cedar policy engine
The same policies in version control, evaluated on every tool call. A deny returns a human-readable reason chain via formatDecision(), not a boolean.
audit
Append-only audit log
Every step and tool call is recorded with its policy decision attached. Exportable and queryable; it backs the audit strip on this site.
killSwitch
Kill switch
A single flip halts an in-flight run within one second, before the next tool call leaves the process.
scopeCheck
MCP scope check
Checks the scopes a tool requires against what the principal holds, using the spec-native WWW-Authenticate step-up flow (SEP-2350), not a custom header.
breaker
Circuit breaker
Trips when cumulative spend crosses a cost ceiling (0.50 USD by default), stopping a runaway loop before it bills.
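
To make the MCP scope check concrete, here is an added example (not agent-shield's own code) of how a client can react to a step-up challenge. It assumes the challenge arrives as an RFC 6750 Bearer challenge with error="insufficient_scope" and a scope parameter; the function names, the scope strings and the per-agent scope ceiling are hypothetical.

```javascript
// Added example, not agent-shield's code; every name below is hypothetical.

// Parse a Bearer challenge (RFC 6750 section 3) into lower-cased auth-params.
function parseBearerChallenge(header) {
  const m = /^\s*Bearer(?:\s+(.*))?$/is.exec(header ?? "");
  if (!m) return null; // not a Bearer challenge
  const params = {};
  const re = /([A-Za-z][\w-]*)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,"]+))/g;
  for (const [, key, quoted, token] of (m[1] ?? "").matchAll(re)) {
    params[key.toLowerCase()] =
      quoted !== undefined ? quoted.replace(/\\(.)/g, "$1") : token;
  }
  return params;
}

// Decide how to react to a tool-call response.
//   held:    scopes on the principal's current token
//   ceiling: scopes policy lets this agent ever request (assumed control)
function planStepUp(status, wwwAuthenticate, held, ceiling) {
  if (status !== 401 && status !== 403) return { action: "proceed" };
  const params = parseBearerChallenge(wwwAuthenticate);
  if (!params) return { action: "deny", reason: "no Bearer challenge" };
  if (status === 401) return { action: "reauthenticate" };
  if (params.error !== "insufficient_scope") {
    return { action: "deny", reason: `unexpected error: ${params.error}` };
  }
  const wanted = (params.scope ?? "").split(/\s+/).filter(Boolean);
  const missing = wanted.filter((s) => !held.includes(s));
  // Server says "insufficient" but names nothing new: stepping up would loop.
  if (missing.length === 0) return { action: "deny", reason: "no new scope named" };
  // A server-supplied challenge must not widen the agent past its ceiling.
  const over = missing.filter((s) => !ceiling.includes(s));
  if (over.length > 0) {
    return { action: "deny", reason: `outside ceiling: ${over.join(" ")}` };
  }
  return { action: "step_up", request: [...new Set([...held, ...missing])] };
}

// Constructed sample responses, not captured traffic.
const held = ["files:read"];
const ceiling = ["files:read", "files:write"];
const ok = planStepUp(403,
  'Bearer error="insufficient_scope", scope="files:read files:write"', held, ceiling);
const tooBroad = planStepUp(403,
  'Bearer error="insufficient_scope", scope="files:write admin:all"', held, ceiling);
console.log(ok, tooBroad);
```

The two deny branches are the part worth auditing: one stops a step-up loop when the server names no new scope, the other keeps a server-chosen scope list from widening the agent's token past what policy allows.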