dormstern

dormstern / leashed

Public

AI got hands. This is the leash. Policy, audit, kill switch for any AI agent with access to your accounts.

behalf.workharness agent-governance ai-agent ai-agent-security ai-safety ai-security
11
0
100% credibility
Found Feb 22, 2026 at 10 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
TypeScript
AI Summary

Leashed is a tool that adds rules, limits, logs, and emergency stops to AI agents performing tasks in online accounts through a secure cloud browser.

How It Works

1
💡 Discover Leashed

You learn about a handy tool that acts like a safety leash for AI helpers using your online accounts, preventing them from doing too much.

2
🔗 Connect Secure Browser

You sign up for a trusted online browser service that lets your AI work safely without ever sharing your personal logins.

3
📝 Set Your Rules

You write a short list of simple permissions, like allowing reads and checks but blocking deletes or sends.

4
🛡️ Leash Your AI

You link your AI helper to these rules, so every action it wants to take gets checked first.

5
🤖 Assign Safe Tasks

You give your AI everyday jobs like checking messages or listing updates, and it only does what's permitted.

6
📊 Review the Record

You look at a clear log of every attempt, seeing what worked, what was stopped, and why.

Work Done Safely

Your AI accomplishes tasks effectively while staying fully under your control, with easy ways to stop it anytime.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 10 to 11 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is leashed?

Leashed is a TypeScript library that acts as a policy gatekeeper for AI agents accessing your accounts via AnchorBrowser's isolated cloud sessions. You define YAML rules to allow reads/searches while denying sends/deletes/exports, then wrap agent tasks through `createLeash()`—it checks intent, executes safely if allowed, audits everything to JSONL, and enforces time/action budgets with a CLI kill switch (`npx leashed yank`). It solves rogue agent risks, like the 42,000 credential leaks, by isolating passwords and blocking bad actions before they hit LinkedIn, Gmail, or CRM—AI got hands, this is the leash dog.

Why is it gaining traction?

Unlike hardware workarounds like a separate Mac Mini, leashed delivers software controls: deny-first glob matching with Unicode bypass protection, post-task output scanning for leaks, and instant session destruction. Developers dig the dead-simple API for any descriptive-task agent (OpenClaw sales bots, Claude work assistants) plus CLI status/audit views—no more github got hacked fears or full-access panics. The "got hands" meme vibe hooks agent builders tired of unbridled Copilot-style tools.

Who should use this?

AI agent devs crafting LinkedIn outreach bots, email summarizers, or Salesforce updaters—especially if handing over credentials keeps you up at night. Sales engineers using OpenClaw or Devin-like tools for inbox checks without export risks. Solo makers prototyping chatgpt github integrations or got 5 github copilot workflows needing quick governance.

Verdict

Grab it for v0.1 prototypes if you're building credentialed agents—solid docs, GIF demos, and 67% test coverage make onboarding fast despite 10 stars and 1.0% credibility score. Wait for v1.0 URL enforcement if production-scale security is non-negotiable; it's raw but directionally right for OSS agent safety.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.