provos / ironcurtain

Public

A secure* runtime for autonomous AI agents. Policy from plain-English constitutions. (*https://ironcurtain.dev)

75
13
100% credibility
Found Feb 27, 2026 at 42 stars.
AI Analysis
TypeScript
AI Summary

IronCurtain provides a secure environment for running autonomous AI agents by compiling human-readable security policies into enforceable rules.

How It Works

1. 🔍 Discover IronCurtain

You hear about a safe way to let AI helpers manage files, code, and web tasks without risking your computer.

2. 📦 Install easily

Run one simple command to add it to your computer, like installing any helpful app.

3. 🧠 Connect AI helper

Link your favorite AI service so it can think and respond to your requests.

4. 📝 Write your safety rules

Describe in plain English what your helper can and can't do, like 'only edit my project folder'.

5. 🛡️ Activate the safety shield

With one click, turn your words into unbreakable rules that protect your files and data.

6. 💬 Chat with your helper

Ask it to fix code, fetch info, or manage tasks — it pauses for your okay on big changes.

Safe and powerful help

Your AI works freely within your rules, keeping everything secure while getting things done.

AI-Generated Review

What is ironcurtain?

IronCurtain is a TypeScript secure runtime for autonomous AI agents, akin to a secure container runtime for JavaScript and TypeScript that prevents rogue actions like data exfiltration or destructive git ops. You define policies in plain-English "constitutions" -- e.g., "no git push without approval" -- which compile into runtime enforcement on every tool call via MCP servers for filesystem, git, and fetch. Run agents in a V8 sandbox or Docker mode with Claude Code, using CLI commands like `ironcurtain start` for sessions or `compile-policy` to update rules.

Why is it gaining traction?

It flips the script on ambient authority in agent frameworks by assuming the LLM is untrusted, interposing semantic checks on MCP tools instead of granting raw system access. Features like auto-approval for clear intents, Signal messaging for mobile oversight, and resource budgets stand out for balancing autonomy with safety -- think securing GitHub Copilot-like agents or GitHub Actions without babysitting. Early interest in the ironcurtain GitHub repository ties in with broader secure-runtime efforts such as Deno's model.

Who should use this?

DevOps engineers running git-heavy AI agents for code review or repo management without risking the host filesystem. Security-conscious developers prototyping autonomous tools for securing private GitHub repositories or GitHub workflows. Anyone tired of sandbox-or-bust limits on agents handling real tools.

Verdict

Grab it for experiments in secure runtime environments -- the natural-language policy hook is clever, docs solid, CLI intuitive. But at 15 stars and 1.0% credibility, it's a raw research prototype; expect API churn and verify compiled rules before prod.
