Spellguard

Secure, auditable agent-to-agent communication framework

85% credibility
Found May 21, 2026 at 17 stars.
TypeScript
AI Summary

Spellguard is a secure, auditable communication framework for AI agents. It acts like a trusted intermediary that routes messages between agents, verifies their identities using cryptography, enforces security policies (like blocking malicious prompts), and maintains tamper-proof logs of all interactions. The framework supports both TypeScript and Python agents, integrates with popular AI development tools like LangChain, CrewAI, and OpenAI, and uses encryption to protect message content while enabling on-demand decryption for incident analysis. Organizations can use the managed service or self-host the open-source version.

How It Works

1. You discover Spellguard

You learn about a framework that lets AI agents talk to each other securely, with every conversation logged for accountability.

2. You set up the Verifier

The Verifier becomes your central checkpoint that routes messages between agents, checks security policies, and keeps a tamper-proof record of everything.

3. You create specialized agents

You build agents for different tasks: one handles patient records, another analyzes lab results, and a care coordinator brings them together.

4. Agents prove who they are

Each agent uses cryptographic keys to prove its identity to the Verifier before sending or receiving any messages.

5. You send a request through the network

Your request flows through the Verifier, which checks policies, logs the interaction, and routes it to the right agent.

6. Agents collaborate on your request

Patient records agent: Shares visit history, medications, and conditions while protecting sensitive details

Lab analysis agent: Provides health indicators like cholesterol status without exposing raw values

You get a complete, audited response

The care summary arrives with a full audit trail showing every agent that was consulted and every decision made.

AI-Generated Review

What is Spellguard?

Spellguard is a framework for securing communication between AI agents. When multiple AI agents need to talk to each other, Spellguard sits in the middle as a Verifier proxy -- routing messages, enforcing policies, and creating tamper-evident audit logs. The system uses X25519 ECDH for key exchange and AES-256-GCM for encryption, with commitments logged to transparency logs so you can prove later that messages weren't altered. It ships as a monorepo with TypeScript and Python packages, including client middleware, the Verifier server, and adapters for LangChain, OpenAI SDK, and CrewAI. Demo agents show patient records, banking, and data analysis scenarios running through the Verifier.

Why is it gaining traction?

The hook is auditability without sacrificing security. Every agent-to-agent message gets cryptographically committed before storage, and the Verifier enforces policies like prompt injection detection or keyword blocking at the proxy layer. Forward secrecy comes from ephemeral key pairs generated per message. You can route to external A2A-only agents that don't use Spellguard (unilateral attestation) while still logging the interaction. The monorepo approach means you get TypeScript and Python parity, so polyglot teams can adopt it without choosing sides.
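
The scheme described above (a fresh X25519 key pair per message, AES-256-GCM for the payload, a commitment recorded so later alteration can be shown), as an added sketch using Node's built-in crypto module. It is not Spellguard's code: the HKDF-SHA256 key derivation, the SHA-256 commitment layout and the names `seal`, `open` and `commitment` are assumptions, since the page does not give the project's formats.

```typescript
import { generateKeyPairSync, createPublicKey, diffieHellman, hkdfSync, createCipheriv,
  createDecipheriv, createHash, randomBytes, KeyObject } from "node:crypto";

interface Envelope { ephPub: Buffer; iv: Buffer; ct: Buffer; tag: Buffer }

// Assumption: HKDF-SHA256 turns the raw X25519 secret into the AES-256 key,
// salted with the sender's ephemeral public key so every message gets its own key.
function deriveKey(priv: KeyObject, pub: KeyObject, salt: Buffer): Buffer {
  const shared = diffieHellman({ privateKey: priv, publicKey: pub });
  return Buffer.from(hkdfSync("sha256", shared, salt, "example-a2a-message", 32));
}

// Sender: generate a key pair for this message only, encrypt, return the envelope.
// The ephemeral private key goes out of scope when the function returns.
function seal(recipientPub: KeyObject, plaintext: string): Envelope {
  const eph = generateKeyPairSync("x25519");
  const ephPub = eph.publicKey.export({ type: "spki", format: "der" });
  const key = deriveKey(eph.privateKey, recipientPub, ephPub);
  const iv = randomBytes(12); // 96-bit GCM nonce, never reused under one key
  const cipher = createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return { ephPub, iv, ct, tag: cipher.getAuthTag() };
}

// Recipient: rebuild the same key from its private key and the ephemeral public key.
// d.final() throws if the ciphertext or tag was modified.
function open(recipientPriv: KeyObject, env: Envelope): string {
  const ephPub = createPublicKey({ key: env.ephPub, format: "der", type: "spki" });
  const key = deriveKey(recipientPriv, ephPub, env.ephPub);
  const d = createDecipheriv("aes-256-gcm", key, env.iv);
  d.setAuthTag(env.tag);
  return Buffer.concat([d.update(env.ct), d.final()]).toString("utf8");
}

// Assumption: the logged commitment is SHA-256 over the envelope fields. ephPub, iv
// and tag have fixed lengths, so plain concatenation is unambiguous here.
function commitment(env: Envelope): string {
  const body = Buffer.concat([env.ephPub, env.iv, env.ct, env.tag]);
  return createHash("sha256").update(body).digest("hex");
}

// An auditor holding only the logged commitment can check an archived envelope
// without being able to read it.
function matchesLog(env: Envelope, logged: string): boolean {
  return commitment(env) === logged;
}
```

In this sketch the recipient key is long-lived, so whoever holds it can decrypt every archived envelope addressed to it; per-message sender keys do not change that. When evaluating the real project, check which party holds the decryption key used for incident analysis and how that key is protected.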

Who should use this?

Compliance-focused teams running multi-agent workflows who need to prove what agents communicated and when. Healthcare or financial orgs using AI agents that touch sensitive data will benefit most from the encrypted archiving and policy enforcement. Teams running CrewAI or LangChain-based agents can drop in the adapters for transparent routing without rewriting agent logic. Early-stage projects should be aware: 14 stars and a managed service upsell suggest the open-source version is still finding its audience.

Verdict

Spellguard solves a real problem -- secure, auditable agent communication -- with solid crypto primitives and practical integrations. The 0.85% credibility score reflects an early-stage project with limited community traction, so production use warrants careful evaluation of the policy engine and logging backends. Worth watching if you're building multi-agent systems; hold off on mission-critical deployments until the project matures.
