Launching today
PIC Standard: AI Action Firewall
Stop prompt injection from triggering tools.
3 followers
Stop prompt injection from triggering tools.
3 followers
Open protocol that forces AI agents to prove their intent and back every important action with verifiable evidence, before anything dangerous happens. Quick benefits: - Stops prompt-injection disasters and hallucinations from turning into real money losses or data leaks - Works locally: no sending sensitive data to the cloud - Plugs right into LangGraph or your existing agent stack in minutes - MCP ready - Free & open-source (Apache 2.0): audit it, fork it, own it
Hey Product Hunt 👋 I’m Fabio, maker of PIC Standard: AI Action Firewall.
Yes, the viral hook is “stop prompt injection from triggering tools”… but PIC is bigger than prompt injection.
PIC is a general standard for governing agent side-effects. Open Source, Apache 2.0.
Any time an agent is about to call a tool with real impact (💸 money, 🔐 privacy/data export, ☁️ infra/compute, irreversible ops), PIC forces a machine-verifiable contract before execution:
The agent must produce an Action Proposal (PIC/1.0 schema + verifier)
It ties together: intent → impact class → provenance → claims → evidence → exact tool call
If trust/evidence is insufficient → fail-closed and block the action
v0.4.1 supports deterministic, resolvable SHA-256 and Ed25519 Signature evidence (evidence IDs can point to real artifacts)
Why this matters: guardrails mostly focus on what the model says. PIC focuses on what the agent can do.
If you are building agents with tools, I would love feedback:
Which tool actions should be “high impact” by default?
What integration should be next after LangGraph + MCP?
Try it quickly (CLI + examples in the repo):
If PIC resonates:
⭐ Star the repo so other agent builders find it.
🤝 Contributors welcome, especially for new impact classes (email, billing, CRM export) and integrations (CrewAI next).
Repo: https://github.com/madeinplutofabio/pic-standard