Launching today
Nexus Protocol
Secure protocol for AI agents. Apache 2.0.
MCP has 84k GitHub stars and a documented RCE Anthropic calls "intended behavior." Nexus Protocol is the fix. WASM sandbox. 19 dangerous syscalls blocked at the kernel boundary. Binary protocol with zero JSON overhead. Three sandbox policies. Prompt injection guard at the protocol layer. SDKs in Rust, Python, Go, and TypeScript. Apache 2.0. If your agent can call execve() without a sandbox, you don't have a secure agent. You have a polite backdoor.



MCP became the standard with 84,000 GitHub stars and a documented hole: zero sandbox, zero authentication, RCE by design.
I built Nexus Protocol to fix that at the protocol layer, not with wrappers.
What ships today:
19 syscalls blocked. WASM sandbox. Binary protocol. Three sandbox policies. Prompt injection guard. SDKs in Rust, Python, Go, TypeScript. Apache 2.0. 60 tests passing.
The demo that matters:
MCP receives "rm -rf /" and executes it. Intended behavior.
Nexus Protocol blocks syscall 87 (unlink) and syscall 59 (execve) before the kernel sees them.
Repo: github.com/KaioH3/nexus
Apache 2.0. Read the spec. Break the sandbox. Tell me what you find.