agentsudo

Okta for AI agents. IAM for digital workers.

Right now, AI agents share a single API key with root access to everything - databases, CRMs, payment APIs. When they hallucinate, they can delete production data, issue unauthorized refunds, or spam customers.

Features:
→ Fine-grained permission scopes (read:*, write:orders, etc.)
→ Audit mode (log violations without blocking)
→ Human-in-the-loop approvals (Slack integration)
→ Session expiry (like JWT tokens)

Open source (MIT). 3 lines of code to integrate. Works with any agent framework.
Free
Armani Novella

Hey Product Hunt! 👋

I'm Armani, and I built AgentSudo because I kept seeing the same scary pattern: companies building amazing AI agents... that they were too afraid to actually deploy.

Here's what's happening:

Right now, when you give an AI agent access to your systems, it's all-or-nothing. One API key with root access to everything - your database, your CRM, your payment processor, customer emails, everything.

When that agent hallucinates (and they all do eventually), the damage is real:

• Production databases getting wiped
• Customers getting spam
• Unauthorized refunds going out
• And no way to tell which agent did it

So agents stay in the sandbox forever. All that potential, never realized.

I thought: we solved this for humans decades ago.

When a developer needs elevated permissions, they use sudo. When an employee needs system access, they get scoped credentials. We don't give everyone the root password.

So why are we doing exactly that with AI agents?

That's why I built AgentSudo.

It's dead simple - each agent gets its own identity with specific permissions:

from agentsudo import Agent, sudo

support_bot = Agent(
    name="SupportBot",
    scopes=["read:orders", "write:refunds"]
)

analytics_bot = Agent(
    name="AnalyticsBot",
    scopes=["read:orders"]
)

@sudo(scope="write:refunds")
def process_refund(order_id, amount):
    print(f"Refunded ${amount} for {order_id}")

# Support bot can process refunds
with support_bot.start_session():
    process_refund("order_123", 50)  # ✅ Allowed

# Analytics bot cannot
with analytics_bot.start_session():
    process_refund("order_456", 25)  # ❌ PermissionDeniedError

That's it. Three lines of code, and now your agent can only do what it's supposed to do.

What makes this different:
Most "AI security" tools try to detect bad behavior after it happens.
AgentSudo prevents it from happening in the first place. And unlike enterprise IAM systems that take months to integrate, this is:
→ 3 lines of code
→ No infrastructure changes
→ Works with whatever you're already using (LangChain, AutoGen, custom frameworks)
→ Open source (MIT) - you can audit every line

What's next:
This is v0.1 - the core permission system. Coming soon:
- Cloud dashboard (see all your agents in one place)
- Slack/Teams integration (get pinged when an agent needs approval)
- Pre-built connectors (Salesforce, Gmail, Stripe, etc.)
- Enterprise features (SSO, compliance reports, the works)

Try it out:
pip install agentsudo

GitHub: https://github.com/xywa23/agentsudo

I'd love your feedback, especially if you're:

• Building agents for production
• Worried about AI safety in your systems
• Just curious about the space

What features would help you deploy agents with confidence?

Let's make AI agents safe enough to actually use. 🚀
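The per-agent scope check the post describes, as an added example that is not the agentsudo library's own code: a minimal re-implementation of Agent, @sudo and start_session on top of a contextvar, extended with the wildcard scopes (read:*) and the audit mode the listing mentions. Names mirror the post's API; AUDIT_LOG and try_refund are helpers assumed for this example.

```python
import contextvars
import fnmatch
from contextlib import contextmanager
from functools import wraps
_current_agent = contextvars.ContextVar("current_agent", default=None)  # who is acting now
AUDIT_LOG = []  # constructed in-memory log of (agent, scope, function, allowed)

class PermissionDeniedError(Exception):
    pass

class Agent:
    def __init__(self, name, scopes, audit_only=False):
        self.name, self.scopes = name, list(scopes)
        self.audit_only = audit_only  # audit mode: record violations, do not block

    def allows(self, scope):
        return any(fnmatch.fnmatchcase(scope, g) for g in self.scopes)  # "read:*" wildcards

    @contextmanager
    def start_session(self):
        token = _current_agent.set(self)
        try:
            yield self
        finally:
            _current_agent.reset(token)  # session over: no ambient authority leaks

def sudo(scope):  # gate the decorated function on the session agent holding `scope`
    def decorator(fn):
        @wraps(fn)
        def wrapper(*args, **kwargs):
            agent = _current_agent.get()
            allowed = agent is not None and agent.allows(scope)
            AUDIT_LOG.append((agent.name if agent else None, scope, fn.__name__, allowed))
            if not allowed and not (agent and agent.audit_only):
                raise PermissionDeniedError(f"{agent.name if agent else 'no session'} lacks {scope}")
            return fn(*args, **kwargs)
        return wrapper
    return decorator

@sudo(scope="write:refunds")
def process_refund(order_id, amount):
    return f"Refunded ${amount} for {order_id}"

def try_refund(agent, order_id, amount):
    with agent.start_session():  # returns the refund result, or "denied"
        try:
            return process_refund(order_id, amount)
        except PermissionDeniedError:
            return "denied"
```

Calling process_refund with no session open is also denied, so an agent cannot reach a gated function by simply skipping start_session.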