I made a tiny JSON permission layer for AI coding agents

Reddit r/AI_Agents Tools

Summary

A new open-source tool 'agentcontract' provides a portable JSON-based permission layer for AI coding agents, allowing developers to define allow/deny rules for tools, paths, and network access across different agent runtimes. Version 0.0.1 adds a local browser GUI for editing and testing contracts.

I just released \`agentcontract\` v0.0.1. The problem I kept running into: AI coding agents are getting more capable, but their safety controls are usually tied to one product. Claude Code has its way of asking for permission. Codex has its own. Hermes has its own. Custom agents end up inventing yet another allowlist. I wanted something boring and portable: \`\`\`json { "allow\_tools": \["read\_file", "write\_file"\], "deny\_tools": \["shell"\], "allow\_paths": \["./src/"\], "deny\_paths": \["\~/.ssh/", "\~/.env"\], "allow\_network": false, "require\_approval": \["shell"\] } \`\`\` Then any agent runtime can check a proposed action against that contract before it touches files, runs commands, calls APIs, or burns tokens. The new \`v0.0.1\` release adds \`agc gui\`, a local browser UI for writing a contract, validating it, saving it, and dry-running a proposed tool call. Use case: commit the contract to your repo, inspect it like normal config, and reuse it across different agents/runtimes instead of trusting each tool’s internal permission model. It’s early, MIT licensed, deliberately small, and written in Python. Would love feedback from anyone building agent tooling or running coding agents against real repos.
Original Article

Similar Articles

Trustworthy Agentic AI Layer

Reddit r/AI_Agents

The author is building Synapsor, a beta tool for AI agents that provides governed memory, staged writes, replay, permissions, and audit trails, and is seeking feedback from agent builders.