Built an identity/permissions/audit layer for AI agents. Honest feedback wanted before more people use it

Most agent frameworks I've used (LangChain, CrewAI, Pydantic AI, OpenAI Agents SDK) handle the "what can the agent do" part well. They don't handle three things I keep running into in production: 1. **Identity** — every agent shares the same API key, so I can't tell which agent did what in the logs. 2. **Permissions** — there's no clean way to say "this agent can read but not write" and enforce it at tool-call time. 3. **Audit** — when something goes wrong at 4am, the trail is a wall of LLM logs, not a clean record of who-did-what-with-what-permission. I built an SDK that addresses these three and ships integrations for the frameworks above. It's free on the free tier. Ed25519 identity per agent, scoped permissions, signed audit bundles. Python + TypeScript. Before more people pick it up, I want honest feedback: 1. Are these actually problems you're hitting, or am I solving for an audience that doesn't exist yet? 2. The decorator approach (`@vorim_tool(scope='data:read')` on a tool function) — too magic, or right level of abstraction? 3. Is "signed bundle for compliance" a thing you'd ever use, or is it overbuilt for where most agent deployments actually are right now? 4. What would you change about the API shape? Genuinely open to critique would rather hear "this is solving the wrong problem" than ship in the wrong direction.